34 Trust assurance in SSI ecosystems
Scott Perry CPA, CISA
In Chapter 11 on governance frameworks, we explain how the trustworthiness of digital transactions is assured through a framework of policies, accountability requirements, and skilled participants who play contributing roles for the benefit of all members of a digital trust ecosystem. This chapter explores how digital trust is created and maintained in such an ecosystem through the development and operationalization of a trust assurance framework to achieve the appropriate risk mitigation for all stakeholders. Scott Perry is the founder of a nationally-operating U.S. CPA firm specializing in cybersecurity consulting and auditing—and one of only a handful of CPA firms licensed to issue WebTrust opinion reports over Certificate Authorities who issue digital certificates to websites. Among his many other roles, Scott is also co-chair of the ToIP Governance Stack Working Group.
"Trust is like blood pressure. It's silent, vital to good health, and if abused it can be deadly."
Trust is a human concept. It is hard to quantify, yet humans clearly know if it’s not there. It binds people together stronger than commercial adhesive, yet you cannot see it, touch it, or taste it. There are enough books on the topic to fill a library, yet it seems that we still live in a world without trust.