{"title":"A Trust Policy Meta-Model for Trustworthy and Interoperability of Digital Identity Systems","authors":"Dara TITH , Jean-Noël COLIN","doi":"10.1016/j.procs.2025.02.067","DOIUrl":null,"url":null,"abstract":"<div><div>Trust is a fundamental aspect of information security, ensuring the accuracy and legitimacy of the information presented in credentials. An individual may possess multiple credentials issued by different identity providers, which has led researchers to propose numerous frameworks and policy models to enhance trust both within individual organizations and across different organizations. However, it lacks a formal meta-model for trust policy, making policy enforcement for credential ownership verification from different identity providers more challenging. We propose a new trust policy meta-model scheme and architecture to address this gap, which is generic and applicable to different situations. Validating the trust policy requires defining the scope's boundaries by specifying the context in which entities must meet both system and business requirements. Consequently, trust attributes are detailed in our meta-model diagram and policy language, which are essential for establishing trust policies, while the trust policy architecture is used for enforcing these policies. We provide an example of its application in dealing with Self-Sovereign Identity (SSI) applications. This meta-model allows us to describe and enforce a trust policy in formal terms.</div></div>","PeriodicalId":20465,"journal":{"name":"Procedia Computer Science","volume":"254 ","pages":"Pages 88-97"},"PeriodicalIF":0.0000,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Procedia Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S187705092500417X","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Trust is a fundamental aspect of information security, ensuring the accuracy and legitimacy of the information presented in credentials. An individual may possess multiple credentials issued by different identity providers, which has led researchers to propose numerous frameworks and policy models to enhance trust both within individual organizations and across different organizations. However, it lacks a formal meta-model for trust policy, making policy enforcement for credential ownership verification from different identity providers more challenging. We propose a new trust policy meta-model scheme and architecture to address this gap, which is generic and applicable to different situations. Validating the trust policy requires defining the scope's boundaries by specifying the context in which entities must meet both system and business requirements. Consequently, trust attributes are detailed in our meta-model diagram and policy language, which are essential for establishing trust policies, while the trust policy architecture is used for enforcing these policies. We provide an example of its application in dealing with Self-Sovereign Identity (SSI) applications. This meta-model allows us to describe and enforce a trust policy in formal terms.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
