TRAIN (TRust mAnagement INfrastructure): Trust Management Infrastructure Component for the ESSIF-Lab Architecture

Our component aims to extend the ESSIF-Framework through a global trust infrastructure that can be used to verify the trustworthiness of involved parties in an electronic transaction. The trust layer enables actors using the ESSIF-Framework to verify the root of trust of certificates used to sign credentials. In addition, the component allows for the definition, consideration, and verification of Trust Schemes compliance (e.g. eIDAS including LoAs or other Trust Schemes that can also be application/industry-specific) of involved parties. It is not dependent on a hierarchical CA infrastructure. The component builds on the infrastructure developed in the EU project LIGHTest (2016-2020, G.A. No. 700321). The trust layer is flexible, individual parties can define their own trust policies, manage and publish them. TRAIN is fully in line with the open and decentral SSI approach and complements other approaches.

The trust management architecture that is made possible by TRAIN enables secure, trustable digital interactions. At the same time a classical hierarchical CA-type structure is avoided – so is fraud, chaos and the pure dominance of the economically strongest actors in the system.

Individuals or groups (industry organizations, NGOs, etc.) of validators can define for themselves the trust standards they require. Issuers can publish to what standards they comply. The system is open, but standards for trust are transparent, as the Trust Schemes and Lists can be published.

Country: Germany
Further information: 
Team: Fraunhofer-Institut für Arbeitswirtschaft und Organisation IAO