Trust can’t be legislated or manufactured. Trust is earned by demonstrating ongoing reliability. Trust isn’t taken on faith, and it can be lost in a moment when foundational conditions change. Facebook is less trusted now than it was before Cambridge Analytica. The credit bureau company Equifax is less trusted now that they lost control of 135 million American’s personal data – including mine.
Imagine a huge room with hundreds of identical doors (I am imagining the millions of doors in the Monsters Inc. chase scene).
How do we know which door is which?
What is behind each of these doors?
Behind some of the doors there are new rooms which also have hundreds of doors.
Imagine the task is to find something behind one of these doors. To succeed at this game, you need to know where to look and you need to have the key to the doors.
The owner of the door may want you to enter, but depending on the door, only knowing and trusting you will make you welcome.
Now imagine you meet someone at your door, and you want to know which of these doors they came out of. How can they represent themselves so you can trust them? What will you give them access to?
In a small town it isn’t uncommon that doors are unlocked – everyone knows everyone else. The larger the community the more concern that members of the community may not be known and trusted – despite the fact that they are “of the community”.
The internet is a big city street. There are lots of activities that can (theoretically) be accomplished anonymously by users. But many other activities require trust in the identity of these users. When it comes to opening these doors (even those that are not locked) trust-in-identity is a concept that applies generally to life on the internet for both users and the doors they want to open.
Knowing we can trust that a website’s URL is really the property of the company or organization depends upon both a “trust framework” – the policies managed by trust communities – and a technical “trust fabric”. The fabric includes the digital certificates that are issued with a level of assurance that the domain actually belongs to the organization. A whole series of non-profit organizations (with ICANN and the CA/B Forum at the center) manage the standards and polices that allow us to trust that a URL actually goes to the IP Address of the right server and that URLs remain unique globally. Imagine, what if we stopped trusting that Amazon.com is really the company Amazon?
Without trust-in-identity, chaos ensues – and e-commerce stops.
This is what a Trust Framework is all about. Creating and enforcing rules for all participants, which instills trust, allowing all the “doors” to be identifiable to all outside parties, and unlockable by all those that abide by these rules and have a legitimate right to open these doors.
In Part 1, we discussed how DirectTrust establishes Trust-in-Identity for Direct Secure Messaging through its trust framework, enabling millions of users and systems to communicate heath data securely from the workflow of HIT systems. In Part 2, we shared that DirectTrust seeks to extend our trust framework to other modalities including instant messaging between platforms.
Trust-in-identity is particularly important as a system scales up.
As healthcare data exchange has become a national phenomenon with a need to connect the 5,700 hospitals, the 230,000 practices, and thousands of interested others, for the benefit of the 1.3 million+ providers and 320 million citizens in the U.S., we need to know who we are connecting. The trust-in-identity tools in use on the public internet generally lack the assurance levels that are assumed to be required for the exchange of healthcare data. Knowing a user controls an account is one thing, but who are they anyway?
This post is part of a series examining trust-in-identity. Follow along for our next post for an overview of the art of identity-proofing, including why it is important, as well as why it has become much harder to accomplish.
This article was originally published on the DirectTrust blog and is republished here with permission.