Fraunhofer, SICPA, and Validated ID will present and demonstrate the results of their work in LIGHTest and their NGI ESSIF Lab Projects.
18/05/2021 – 09:15
The NGI ESSIF-Lab project TRAIN (Trust Management Infrastructure) leverages a decentralized data protected approach for a Self-Sovereign Identity (SSI) context. It proposes an infrastructure for SSI that can be used to verify conformance of the issuer to a certain policy and trust scheme. This is important because an ever-increasing number and variety of transactions are conducted digitally over the Internet. At the same time, identity and other credential schemes are evolving towards decentralized complex and open approaches; anyone can be entitled as issuer. For all this, trust is a central empowering factor. So how can you be sure that the entity, be it person or organization making the transaction or issuing a credential is really who they say they are?
The challenge of decentralized trust is not entirely new. Trading, for example, has always involved trust and risk. Whether it is for barter, or for promissory notes. Before modern communication, when trading with someone you did not know, you would take up references from someone you did trust. The longer the distance, the more difficult and risky that was. Long-distance trading sometimes involved family members, travelling and becoming established in those distant locations. In the Twenty-First Century, sophisticated methods to provide that trust between counterparties have been developed, but still rely on someone to provide the references. These now take the form of ‘Trusted Third Parties’ who may be regulated from within an industry itself, or through legislation, to provide ‘certification’. So, how do you obtain the details of the certifications that you need to satisfy acceptable risk and build trust?
The EU H2020 project LIGHTest has developed a flexible approach for this challenge: global lightweight trust infrastructure providing parties of electronic transactions with automatic validation of trust based on their individual trust policies through the publication, querying, and cross-jurisdiction translation of information relevant in making decisions. LIGHTest empowers counterparties to establish trust and awareness of risk through recognizing the ‘Chain of Trust’ and associated certification. It can also provide automatic verification of that certification for every transaction. Verifiers are empowered to make their own trust decisions while different actors (industry organizations, NGOs) can set up their own trust schemes, based on established ones like eIDAS.