In a sovereign trust architecture, the consumer himself decides what level of trust he requires in an individual and context specific manner. Every provider should present their issued attestations and certificates to the consumer to enable the consumer to make his or her decision by their own policies and rules. In contrast, an external consumer will request specific certificates before consuming the same nodes or assets.
The Trust Services are the technical implementation to enforce such policies for the usage of the decentral and self-sovereign provided capabilities.
The product scope covers the technology functionalities to ensure a consistent level of trust between all participants in GAIA-X can be established. The Trust Services API is used by the other GAIA-X components. Further features are as follows:
- Verification by applying standards like LD Proof Chains/Sets
- Establishing policy driven trust
- Providing the required trust anchors
- Ensuring trust-chains between multiple participants
Furthermore the Trust Services includes necessary tools (e.g. Command Line Scripts) to operate and maintain the created software components in an enterprise environment. The Policy driven approach will utilize the GitOps administration principles to manage the policies.