- actor #toip
actor in the #essiflab glossary here.
The party tasked with operating the management of a particular governance framework. The administering authority may or may not be the governing authority. For example, a government may be the governing authority for a governance framework administered by an NGO as the administering authority.
- agent #toip
agent in the #essiflab glossary here.
- audit accreditor #gswg#toip
The party which evaluates an applicant auditor for their competence, independence and quality control measures and approves them to make [attestations] about governed parties under the authority of a governance framework.
- auditor #toip
The party which acts as an independent professional trained in evaluating technology-based evidence provided from governed parties asserting that they are in compliance with audit criteria set forth by audit Accreditors. An auditor issues a report attesting its opinion over a governed party's compliance assertion which enables a governing party to issue compliance credentials to the governed party and may place it on a credential registry and add their entry to the trust registry.
An Authority is a party of which certain decisions, ideas, rules etc. are followed by other parties. We distinguish between two kinds of authority:
- centralized authority, also known as the power or right to give orders, make decisions that other parties must follow, and enforce obedience. This kind of authority ignores the natural autonomy of other parties.
- decentralized authority, also known as the power or right that is freely endowed by other parties to the authority, to make decisions, phrase ideas, set rules etc, which these parties will adopt and follow because they think it is in their own interest to do so.
- community #toip
A Community is an organization that seeks to facilitate the cooperation between at least two parties (referred to as its 'members') based on interests that these parties share as each of them seeks to realize its own, individual objectives.
A community is a specialization of the more generic ecosystem in the sense that it is an organization (which an ecosystem need not be) that (actively) facilitates the cooperation between its members, whereas in non-community ecosystems, this cooperation is not actively organized.
- credential registry #gswg#toip
An accessible repository of verifiable credentials issued by a party and made available to be verified in accordance with a governance framework.
- did chain #toip
A set of DIDs linked in a hierarchical model where each DID (except the root) digitally signs the next DID in the chain. DID chains can be verified for cryptographic trust by “walking the chain” back to the root of trust. See also trust registry. Contrast with X.509 certificate chain.
- digital trust ecosystem #toip
An ecosystem of governed parties that interoperate to achieve a set of trust objectives online. Layer 4 of the ToIP stack is designed to support digital trust ecosystems.
- ecosystem #toip
A Ecosystem is a set of at least two (autonomous) parties (the members of the ecosystem) whose individual work complements that of other members, and is of benefit to the set as a whole.
An ecosystem is distinct from a community in the sense that it is not (necessarily) an organization that (actively) facilitates the cooperation between its members. A community is considered a specialization of the more generic 'ecosystem' concept.
- entity #toip
entity in the #essiflab glossary here.
- governance #toip
governance in the #essiflab glossary here.
- governance framework #toip
governance framework in the #gswg glossary here.
- governed party #gswg#toip
A party whose actors perform in a [role] defined by a governance framework.
The party responsible for governing a particular governance framework. The governing authority may or may not be the administering authority. For example, a government may be the governing authority for a governance framework administered by an NGO as the administering authority.
- governing party #toip
An organization that is part of the governing authority of a trust community.
- identifier #toip
An Identifier is a character string that is being used for identification purposes (by a specific party).[^1] This includes names and labels, as they are (obviously) used for such purposes.
Note that while an identifier is used for identification purposes, this does not automatically imply that it actually identifies (singles out) anything. It also depends on what RFC 3986 calls the 'scope of identification', or what Pfitzmann and Hansen (2010) refer to as an 'identifiability set', which are relevant for explaining whether or not (and if so: what) an identifier actually identifies (singles out) in a given context. See the Discussion below.
- identity #toip
Identity is a term that is heavily debated. For our purposes, it is useful to see the identity of a person as the union of all characteristics, judgements and other knowledge that parties have about that person. Generalizing this idea, we say that the identity of any entity consists of the combined knowledge (that is: of all parties that know) about this entity.
Inspired by Pfitzmann and Hansen (2010), we define a partial identity (of an entity) as all the knowledge that a single, specific party has about that entity (= the 'subject' of the partial identity). The identity of an entity is then the union/collection of all of its partial identities.
The Self-Identity or Self-concept of a party is the partial identity of which it is both the subject and the owner.
- jurisdiction #toip
A Jurisdiction is the composition of a (non-empty) set of objectives, one scope, one legal system and one party (called the Governor of the Jurisdiction) that operates the legal system within that scope. While most people are familiar with what we call legal jurisdictions, please observe that organizations habitually will have rules (business policies) in place, enforce them (to some extent), and have ways of resolving conflicts, and therefore qualify as a jurisdiction. Specifically, multi-national organizations are known to govern multiple jurisdictions, aliging the scopes with the scopes of other (often legal) jurisdictions for the purpose of preventing situations in which conflicting rules apply, which would lead to many effort-intensive conflict-resolution cases.
The Jurisdictions pattern provides an overview of how this concept fits in with related concepts.
- knowledge #toip
Knowledge is the (intangible) sum of what is known, the familiarity, awareness or understanding of someone or something (WikiPedia). It includes facts (propositional knowledge), skills (procedural knowledge), or objects (acquaintance knowledge). Knowledge can be acquired in many different ways and from many different sources, including but not limited to experience, reason, memory, testimony, scientific inquiry, education, and practice.
We limit the scope of a Knowledge to a party so as to allow for the existence of multiple such Knowledges, where each of them is internally consistent, yet may be inconsistent with other Knowledges.
- legal entity #toip
A Legal Entity is an entity that is known by and recognized to exist in a jurisdiction. For legal jurisdictions, this usually means that the entity is registered. Legal jurisdictions usually have a registration for its citizens, foreigners, enterprises, fellonies, etc. Non-legal jurisdictions (e.g. a soccer club) register their members, donators, staff, properties, etc., either on the record, or off the record.
The Jurisdictions pattern provides an overview of how this concept fits in with related concepts.
- legal system #toip
A Legal System is a system in which rules are defined (legislature) and a mechanism for their enforcement is implicitly or explicitly defined (executive), as well as a mechanism for conflict resolution (judiciary). A legal system is designed and governed by a single party. A legal system can be operationalized by assigning it a scope within which enforcement and conflict resolution are implemented. The associated operational tasks may be mandated or delegated to other parties. Depending on the individual legal system, 'rules' may be called 'laws', 'regulations', 'directives', 'policies', 'working instructions', etc. Other terms exist for specializations of these terms, e.g. 'order', 'mandate', and others.
The Jurisdictions pattern provides an overview of how this concept fits in with related concepts.
- objective #toip
Objectives drive parties as they make their goals explicit, the primary one of which is also referred to as the mission of that party. A party's objectives are part of its knowledge. When made available to agents of that party, these agents can do the work that is needed to reach these goals (realize the party's objectives).
- organization #toip
An Organization is a party that is associated with a group of actors that work to realize its objectives. Enterprises and governments are the prototypical examples. However, parts of enterprises (e.g. divisions, departments, business units) should also be considered organizations. This also holds for governments and governmental bodies.
- owner #toip
An Owner is a role that a party performs when it is exercizing its legal, rightful or natural title to control some entity.
We interpret 'legal' and 'rightful' as terms that apply to any jurisdiction (that is: not just legal/national jurisdictions, but also those of other organizations (parties).
We take 'natural' as a title that is provided by nature, as in 'the owner of an assertion'.
For futher details, see ownership.
- ownership #ctwg#essiflab#essiflab-framework#toip
Ownership is a relationship between two entities in which one of these entities (called the owner) is entitled to enjoy, dispose of, and control the other entity in an pretty much absolute (sovereign) fashion. Any ownership relationship is grounded in ((the rules of) the legal system of) a specific jurisdiction, that maintains and enforces these rules, and that has means to resolve any disputes arising from that. To do this, both entities must be legal entities in that jurisdiction.
We may use the phrase natural ownership to refer to an ownership relation that exists in the jurisdiction 'Nature' (see the notes of jurisdiction). This enables us to talk about things as 'the (natural) ownership of an assertion'.
- party #toip
A party is an entity that sets its objectives, maintains its knowledge, and uses that knowledge to pursue its objectives in an autonomous (sovereign) manner. One might say that they have a mind of their own. Typical examples are individual people and organizations. Their minds (subjective knowledge) are what distinguishes one party from another, so every party is 1-1 related to its knowledge (mind).
Specifically, every party autonomously manages its
- knowledge (information). It means that every party gets to decide for itself what it believes to be true, what to trust (and what not), what objectives it wants to pursue, how much risks it wants to run, what are valid ways of reasoning (not necessarily logical), how to reach conclusions and make decisions. The knowledge of a party changes continuously as information is added, modified, or deleted - no reasons needed.
- semantics, i.e. the mapping between parts of its knowledge and the data he uses to represent such parts, as well as the mapping between data that it receives and the meaning he interprets such data to be associated with.
- data, i.e. the tangible representation of a subset of its intangible knowledge that it uses to communicate with others, to remember (store), or process.
It is important to note that:
- policy #toip
A policy is a (set of) rules, working instructions and/or other guidance for the execution of one or more kinds of actions. that agents (a) have access to, (b) can interpret as intended by their principal (i.e. policy owner) and (c) must use when executing such actions.
An agent must have access to the policy that its principal has established for the kind of action(s) that the agent is executing for its principal. This requires that the policy be readable by the agent, and that the agent is capable of interpreting it as intended by its principal.
It should be part of the principal's governance processes
- to establish, maintain and evaluate policies for every kind of action that its agents may execute,
- to derive artifacts from such policies that are useable by the various agents (digital, human, or otherwise) that have a right or duty to execute actions for the principal to which such policies apply. So, machine-readable policies should be derived for digital agents, and human-readable policies (in different languages if that is appropriate) for non-digital agents.
- to publish such artifacts such that at least every of its agents that may need to access them, can find and access them as needed.
- to inform its agents whenever updates have been made that they need to be aware of (specifically if agents are allowed to keep local copies of such artifacts).
The Parties, Actors and Actions pattern provides an overview of how this concept fits in with related concepts.
- public utility #toip
A publicly readable and verifiable data storage network for Decentralized Identifiers (DIDs) (e.g. using blockchain, distributed ledger technology (DLT) or Decentralized File System.) At Layer 1 of the Trust over IP technology stack.
- risk #toip
A Risk is the effects that uncertainty can have on the intended realization of an objective of a party (which we call the risk owner). Uncertainty is a lack of information, understanding or knowledge of events, their consequences or likelihoods, and this may affect the results that a party expects and intends to realize so as to fulfull its objectives.
While traditionally these effects are assumed to be negative (i.e. damaging, harmful) to this party, they may also be positive. For example, if you buy a ticket in a lottery, you (should) expect to lose money (the prize of the ticket). However, there is this uncertainty, this lack of information, the effect of it would be that this intended/expected result is deviated from, and you actually win a prize. If this risk is unacceptable (e.g. if you do not know how to manage large amounts of money), then that would call the risk to be managed.
Risk is about the possible effects that uncertainty may have on the intended/expected realization of an objective of some party. In this sense, at least in theory, this means that 'risk' is an objective notion because different parties may have the same ideas about what such effects on a given objective could be. However, since an objective is owned by precisely one parties, and therefore only that party actually knows the actual meaning of that objective, in practice there is little point in drafting lists of such possible effects to make risk assessments easier.
An acceptable risk is a set of such effects that the risk owner has decided that it can, and is willing to deal with as they materialize. They need no further attention. Other risks would need attention and should be managed. Often, risks are assigned a risk level to help risk owners prioritize the risks, allowing them to manage the most important ones before the less important ones.
The owner of a risk that is associated with an objective must be the party that owns that objective, and vice versa, because ownership implies the authority to realize the objective, which in turn implies the authority to manage the associated risks. Of course, as owners are parties, a risk owner may mandate actors to execute the actions that are necessary to manage a risk, but that does not relieve the party from its ownership (and facing possibly associated consequences). In fact, the objective of mandating risk management activities may come with risks which are often overlooked.
- risk management #toip
Risk management is a process that is run by (or on behalf of) a specific party for the purpose of managing the risks that it owns. We distinguish between various kinds of risk-management:
- centralized risk-management, which is a kind of risk management that assumes that the party that runs it has the power or right to give orders, make decisions that other parties must follow, and enforce obedience, which can be applied to mitigate its risks. This kind of risk-management ignores the natural autonomy of other parties.
- decentralized or networked risk-management, which is a kind of risk management that assumes that the party that runs it acknowledges the autonomy of other parties to make their own (risk-related) decisions, and therefore starts and maintains relations with such parties that help them both to manage their individual, subjective risks.
- self sovereign identity #toip
Self-Sovereign Identity (SSI) is a term that has many different interpretations, and that we use to refer to concepts/ideas, architectures, processes and technologies that aim to support (autonomous) parties as they negotiate and execute electronic transactions with one another.
The dialogue about what Self-Sovereign Identity (SSI) really is — started in the blog "The Path to Self-Sovereign Identity" by Christopher Allen in 2016 — has not resulted in a consensus today. While some see the ten principles of SSI that Allen proposed as the definition of SSI, he formulated them as "a departure point to provoke a discussion about what's truly important". And it is obvious that what is important differs per party.
The perspective that the eSSIF-Lab framework takes is that of supporting (autonomous) parties as they negotiate and execute electronic (business) transactions with one another. So anything that helps - e.g. concepts/ideas, architectures, processes and technologies, will be covered by that term.
- self sovereignty #toip
Self-Sovereignty is the characteristic of every party that it is autonomous in managing and operating its own knowledge, particularly in making decisions and deciding how to decide.
- semantics #toip
We use the term semantics to refer to the mapping between (tangible) terms and (intangible) concepts (their meaning, the ideas behind it). Semantics are scoped, i.e. every scope has its own semantic mapping. This implies that every party has - and maintains - its own (subjective) semantics, which is its subjective mapping of a set of terms onto the concepts/ideas in its knowledge. The (erroneous) assumption that parties would (automagically) share a semantics is the cause of many misunderstandings, and hence should be identified and deleted as soon as possible.
- SSI #toip
- ssi assurance community #toip
An SSI Assurance Community is a community that supports its members as they seek to increase their confidence in the SSI infrastructure and/or (specific) qualifications of the data exchanged through that infrastructure." The nature of a community being that its members share some common ground ensures that this objective may be realized by exploing that existing common ground.
Here are some functions that an assurance community may contemplate of performing:
- act as a governing party for a set of credential types.
- run a credential catalogue in which its members (and perhaps others) can advertise the credential types they issue and specify the assurances and other data that parties may need in order to decide whether or not to take that member up on that offering.
- run a yellow pages service which parties can use to find out which members (or other parties) issue credentials of a certain type.
- govern and document accreditation schemes, including schemes for accrediting parties that may certify others against such schemes.
- act as a governing party for decision trees (to be elaborated on)
- act as a KeySmith (also to be elaborated on)
The initial ideas for SSI Assurance Communities can be read in the paper "Decentralized SSI Governance, the missing link in automating business decisions".
- ssi infrastructure #toip
The SSI Infrastructure consists of the technological components that are (envisaged to be) deployed all over the world for the purpose of providing, requesting and obtaining qualified data for the purpose of negotiating and/or executing electronic transactions.
Like any other (hard) Infrastructure, such components are (to be) designed to be interoperable, both
- 'horizontally', i.e. with other infrastructural components, and
- 'vertically', i.e. that it is very easy for other software applications to use them.
It is foreseen that SSI components in this infrastructure are designed and created in a generic way, and hence need to be customizable, so that an individual compnent can work according to the (needs and preferences|policy)-of-the parties for which it is an agent.
This implies that the SSI Infrastructure (a 'hard' infratstructure) needs to be complemented with a complementary 'soft infrastructure', e.g. as can be provided with assurance communities.
- ToIP stack #toip
The two-sided, four-layer architecture for decentralized digital trust infrastructure defined by the ToIP Foundation.
- trust framework #gswg#toip
A specialized type of governance framework that specifies the [requirements] for a [digital identity] system.
- trust registry #toip
A repository which contains a machine-readable listing of approved governed parties deemed compliant by a governing authority over its attributable criteria of its governance framework.
- VC #toip
- verifiable credential #toip#w3cvc
A tamper-evident credential whose authorship by an issuer can be cryptographically verified. Verifiable credentials can be used to build verifiable presentations, which can also be cryptographically verified. The claims in a credential can be about different subjects.