Conference paper Open Access

Adapting the TPL Trust Policy Language for a Self-Sovereign Identity World

Alber, L.; More, S.; Mödersheim, S.; Schlichtkrull, A.

Trust policies enable the automated processing of trust decisions for electronic transactions. We consider the Trust Policy Language TPL of the LIGHTest project [Mö19] that was designed for businesses and organizations to formulate their trust policies. Using TPL, organizations can decide if and how they want to rely on existing trust schemes like Europe’s eIDAS or trust scheme translations endorsed by them. While the LIGHTest project is geared towards classical approaches like PKI-based trust infrastructures and X.509 certificates, novel concepts are on the rise: one example is the self-sovereign identity (SSI) model that enables users better control of their credentials, offers more privacy, and supports decentralized solutions. Since SSI is based on distributed ledger (DL) technology, it is a question of how TPL can be adapted so that organizations can continue to enjoy the benefits of flexible policy descriptions with automated evaluation at a very high level of reliability. Our contribution is a first step towards integrating SSI and the interaction with a DL into a Trust Policy Language. We discuss this on a more conceptual level and also show required TPL modifications. We demonstrate that we can integrate SSI concepts into TPL without changing the syntax and semantics of TPL itself and have to add new formats and introduce a new built-in predicate for interacting with the DL. Another advantage of this is that the “business logic” aspect of a policy does not need to change, enable re-use of existing policies with the new trust model.

Files (289.9 kB)
Name Size
proceedings-09.pdf
md5:abaf497a6b62339dff79548b09d0cc34
289.9 kB Download
18
18
views
downloads
All versions This version
Views 1818
Downloads 1818
Data volume 5.2 MB5.2 MB
Unique views 1717
Unique downloads 1717

Share

Cite as