We have discussed the Information Sharing and Safeguarding Challenge, presented a set of ICIF Guiding Principles that we must uphold as we address the challenge, and introduced an Assertion-Based Architecture (ABA) that helps us meet the challenge while satisfying the guiding principles. Our discussion of the ABA and its capabilities is relatively high-level and devoid of technical detail, but the ABA cannot exist without a robust underlying technology standard and/or framework that defines and provides support for the various ABA artifacts: assertions, assertion definitions, assertion profiles, etc. There is no doubt that we could invent a new standard or framework to meet the requirements of the ABA, but this is unnecessary as there already exists a framework that is ideally suited for our purpose: the Trustmark Framework.
What is the Trustmark Framework?
In brief, the Trustmark Framework (TMF) comprises a normative technical specification and a set of accompanying tools and other artifacts that enables a wide-scale “trust ecosystem” in which a wide variety of semantically precise trustmarks (assertions) can be made and relied upon as the basis for trust decisions and trust relationships. These trustmarks are digitally signed, machine-readable artifacts, and trustmarks can be self-asserted or third-party-asserted, depending on the context in which they are to be used and the requirements that they are intended to satisfy. In essence, the TMF provides an ideal foundation on which to build the ABA. For a more thorough overview of the TMF, see this page.
Advantages of Implementing the ABA via the Trustmark Framework
There are numerous advantages to implementing the ABA through the TMF, but here are some of the more significant ones:
- The TMF already exists today, and can be leveraged without an extensive investment of time or money into core standards development.
- The TMF is the only known, mature, published standard or framework that satisfies the ICIF Guiding Principles and meets all the requirements of the ABA.
- The TMF’s normative technical specification is available for use free of charge, and is lifecycle-managed by the Trustmark Initiative through an open, collaborative, consensus-based process for the benefit of all stakeholder communities that have a shared interest in using the TMF. This includes ISE stakeholders and others outside the ISE communities that want to leverage an assertion-based approach to scalable trust using trustmarks.
- The TMF was developed under a U.S. Government-funded research grant by a major U.S. research university, and piloted successfully by a prominent group of agencies from the U.S. law enforcement community.
- The TMF was designed from the ground up for real-world usage, and includes a viable legal framework that has been embraced and accepted by a numerous law enforcement agencies.
For More Information…
The following pages go into greater detail about the TMF: