---
robots: noindex, nofollow
---
# The Progressive Trust Life Cycle
[Progressive Trust](https://www.blockchaincommons.com/musings/musings-progressive-trust/) is one of the keystones in Blockchain Commons' [architecture](https://developer.blockchaincommons.com/architecture/). It posits that digital trust needs to be modeled after how human trust works in the real world. Traditionally, people came together in a medium where their [personal data was innately minimized](https://www.blockchaincommons.com/musings/musings-data-minimization/) and gradually got to know each other until they'd developed sufficient trust to engage in some interaction for mutual benefit, which could be anything from hiring someone as a contractor to marrying them. As social psychologist James W. Pennebaker said, "Conversations are like dances." It's a mature process that evolved over thousands of years.
> "The basic idea behind progressive trust is to model how trust works in the real world"
> —Christopher Allen, [Musings of a Trust Architect: Progressive Trust](https://www.blockchaincommons.com/musings/musings-progressive-trust/) (December 2022)
Perhaps the internet was like that in its early days, when you met someone on a MUD or engaged in a `talk` and learned more about them over time. But when the internet became commercialized in the '90s, powerful institutions brought new models for interactivity. They gained economic benefit from _limiting_ what you could see. This allowed them to simplify usability and to create their own controlled communities, all of which increased their commercial viability, so limit they did. That's the internet that exists today. Centralized entities offer you restricted views of your fellows and provide binary choices on silver platters: trust or not. There are no shades of gray, there is no progression. Decisions are really made by them, not us.
Web browsers offer an example. They tell us who to trust on the internet, but they do so without nuance. They tell us sites that have been able to acquire certificates, legitimately or illegitimately. They don't tell us sites with a record of stability, they don't tell us sites with a reputation for truth, and they definitely don't tell us who to trust on those sites. This is just one of the places that progressive trust can benefit the internet, for trust isn't black and white: it exists in a world of gray.
Fortunately, the wheel is turning again. The modern internet offers distributed and decentralized systems that put choice back into the hands of individuals, allowing them to make decisions without the coercion, censorship, and unbalanced power of centralized systems. This allows the creation of systems where a user isn't served up binary choices for trust based on limited information. Technologies such as [data minimization and selective disclosure](https://www.blockchaincommons.com/musings/musings-data-minimization/) improve the situation even more. They can further protect our human dignity and choice by letting us choose to slowly (progressively) reveal our own information over time. We just need to normalize these technologies and apply them to human interactions that have been warped by the 21st century corpocratic control of the internet. We need to apply them fully in order to fully _trust_.
> "Adapt Locally ... Govern Locally"
> —Christopher Allen, [10 Design Principles for Governing the Commons](https://www.lifewithalacrity.com/article/10-design-principles-for-governing-the-commons/)
What follows is a life cycle that demonstrates the steps of progressive trust that are simultaneously automatic in the real world and ignored in the digital world. It includes use cases that demonstrate the importance of progressive trust:
* **Personal Contracts.** Personal interactions are the ground level for progressive trust. The simple act of hiring a carpenter demonstrates its foundations. This is the default use case for this life cycle, and one that is purposefully written as existing in a physical (not digital) world.
* **Journalistic Integrity.** Journalists and newspapers must trust each other before they are willing to stake their reputations on each other.
* **Bitcoin.** The first successful e-cash system was also the first successful example of a progressive trust system.
* **Wellness Data.** Clinical studies want to access individual activity tracker data, and individuals want to support the public good.
* **Educational Credentials.** Credentials must be signed by trusted authorities.
* **Software Supply Chain.** Software needs to be verified as free of malware and signed by appropriate developers to be trusted.
## Life Cycle Overview
The following sequence diagram _roughly_ outlines the steps of the progressive trust life cycle:
```mermaid
sequenceDiagram
actor First Party
participant Validator
actor Second Party
First Party->Second Party: 0. Context [⁉️]
First Party->Second Party: 1. Introduction [🗒️]
Second Party->>Validator: 2. Wholeness [🗒️]
Validator->>Second Party: [☑️]
Second Party->>Validator: 3. Proofs [🗒️]
Validator->>Second Party: [☑️]
Second Party->>Validator: 4. References [🗒️]
Validator->>Second Party: [📚]
Second Party->>Community: 5. Requirements : [🗒️📚]
Community->>Second Party: [☑️]
Second Party->>Second Party: 6. Approval [☑️]
Second Party-->>Approver: 7. Agreement
Approver-->>Second Party: [☑️]
First Party->Second Party: 8. Fulfillment [📕]
Community-->>Inspector: 9. Escalation [📕]
Inspector-->>Community: [☑️]
Second Party-->>Community: 10. Dispute [📖]
```
There are three major caveats.
First, the phases are two-sided. Progressive Trust is the act of two parties coming together for mutual benefit. Though there is sometimes a power or reputation disparity (as between a green journalist and a newspaper of record), ultimately both parties must be satisfied with their partner. Thus in the diagram above, phases 1 & 8 are bipartite. Phases 2-7 and 9-10 may then be engaged in by both parties. A more complex (and harder to read) sequence diagram would show each of the two parties engaging in each of those phases.
Second, this is an iterative process. Sometimes progressive trust will fail a test at some phase in this process, forcing the actors to go back to previous phases to gain sufficient trust to pass the tests. This is outlined in **Success:** descriptions of each phase.
Third, the goal of these phases is explicitly not to achieve binary trust, but to achieve trust in gradients of grayscale: each actor creates a trust model, compares it to their risk model, and decides if the trust is sufficient to offset the risk or not. That's the whole purpose of Progressive Trust: to return things to this pragmatic assessment rather than the current model of trust on the internet, which primarily involves pushing "OK" buttons when Google says things are fine.
----
### 0. **Context** *(Interaction Considered)*
- **Description**: Contemplates an interaction that is intended to work in some _mutually beneficial_ way, including its requirements and possible results, and determines whether a progressive-trust model is required at all, or if some simpler, binary model of trust might be sufficient. Basically, is the interaction low-risk, low-cost, or low-value enough that you don't need to go to the trouble of a complex progressive trust methodology?
- **Actors:** Two parties, individually.
- **Action:** Consider interaction and its environment. Determine if trust is needed, and if it is, determine if complex progressive trust methodology is required.
- **Success:** Progressive trust is needed!
- If progressive trust is not needed, use a no-trust, trustless, or binary-trust model, and ignore the rest of the phases in the progressive-trust model.
- **Use Case (The Kitchen Remodeling):** Hank the Homeowner considers hiring someone to do some remodeling for his kitchen. He expects it'll be a costly job that will have repercussions on his home for the rest of the time he lives there. In addition, he'll need to give any contractors access to his home, likely even while he's away at work. This is a prime example of a situation where a graduated model of trust is going to need to be assessed against a risk model, thus there's a need for progressive trust. Hank will also need to consider his budget, and otherwise ensure he's ready to hire someone.
- **Lexicon**:
* **Key Terms:**
* ___Active Verbs.___ CONSIDER, plan, survey.
* ___Objects.___ INTERACTION, context, ecosystem, environment.
* **Etymology:**
* ___Context.___ Originally from the Latin "contexere", meaning "to weave together." It's about looking at the overall gestalt of an interaction and determining the appropriate way forward.
* ___Interaction Considered.___ "Interact" is a relatively new, 19th-century word that means to "act on each other". It has Latin roots. "Consider" is from the Latin "considerare", meaning "to look at closely". This is the act of closely examining the way that two parties will work together.
----
### 1. **Introduction** *(Assertions Declared)*
- **Description**: Establishes the starting point for a trusted interaction by parties indicating a desire to work together and laying the groundwork for subsequent evaluations by revealing some information and eliding or obscuring other information.
- **Actors:** Two parties.
- **Action**: Make public assertions, claims, and declarations. Outline desired interaction and reveal some data assets, ensuring transparency and setting expectations. Also, define encrypted or elided data or other secrets through the establishment of a path to a process to obtain the missing data.
- **Success**: Sufficient initial assertions, claims, and declarations are formally documented and available to provide a clear starting point for a trusted interaction.
- **Use Case (The Kitchen Remodeling):** Hank meets Carla the Cabinet Maker at a picnic for their softball team. Hank talks to her about wanting to remodel his kitchen. Carla gives him her card and says to call to get some testimonials.
- **Lexicon**:
- **Key Terms**:
- ___Active Verbs.___ DECLARE, assert, commit, establish, introduce, reveal.
- ___Objects.___ ASSERTION, initial claim, inception commit, origin, public declaration.
- ___Reactive Verbs.___ ACCEPT.
- **Etymology:**
- ___Introduction.___ From the Latin "introducere", meaning to "lead in" or "bring in". Both participants are being brought in to a trusted interaction.
- ___Assertions Declared.___ The term "assert" comes from the Latin "assertus," meaning "to claim," while "declare" comes from "declarare," meaning "to make clear." Together "Assertions Declared" emphasizes the initial step of publicly or officially stating and clarifying key claims or intentions, setting a transparent foundation for subsequent interactions.
----
### 2. **Wholeness** *(Integrity Assessed)*
- **Description**: Checks the data assets laid as the foundation of an interaction to measure their quality and determine that they are technically correct and sufficiently whole.
- **Actor**: Either party acting as or interacting with a validator.
- **Actions**: Perform thorough checks to ensure the structure and format of data assets are intact, sufficiently complete, and meet expected standards. Check for consistency based on historical data, but not based on cryptographic checks.
- **Success**: The foundational structure, integrity, quality, and wholeness of the data assets are confirmed, ensuring they are well-formed and free from corruption.
- If data fails Integrity Assessment, a new Introduction is requested that is whole (phase 1).
- **Use Case (The Kitchen Remodeling):** Hank examines Carla's business card and sees that it's professionally designed and printed. He verifies that it has expected data, such as a name, phone number, and licensed contractor # and that they fit the proper formats for that data. (Similarly, Carla has already assessed that Hank's job matches her skillset and verified that he's a real person. She'll continue to mirror all of the progressive trust extensions in the following steps as well.)
- **Lexicon:**
- **Key Terms**:
- ___Preparatory Verbs.___ STRUCTURE, cohere, order, organize.
- ___Active Verbs.___ ASSESS, validate.
- ___Objects.___ INTEGRITY, consistency, wholeness.
- **Etymology:**
- ___Wholeness.___ From the proto-Germanic "haila" meaning undamaged. This is data that is structurally sound.
- ___Integrity Assessed.___ The term "integrity" comes from "integritas," meaning "whole" or "untouched," indicating a state of being complete and unaltered (but the latter will be more relevant in the next phase). "Assessed" is derived from the Latin "assidere," meaning "to sit by" or "assist in judging," which implies evaluating or estimating the nature, quality, or ability of something. Together, "Integrity Assessed" emphasizes the careful examination and judgment to confirm that all elements are intact, reliable, and unblemished. It's the first phase in progressive trust.
----
### 3. **Proofs** *(Secrets Verified)*
- **Description**: This step follows foundational wholeness verification and adds a layer of security by ensuring that cryptographic contents or other secrets are valid. This step demonstrates how modern technology really shines, because it's made algorithmic checks of this sort possible. Non-cryptographic secrets can be checked as well.
- **Actor**: Either party acting as or interacting with a validator.
- **Action**: Verify secrets. Assess non-cryptographic secrets via investigatory means. Check hashes, signatures, zero-knowledge proofs, or other cryptographic methods to ensure that data hasn't been tampered with.
- **Success**: Secrets are verified to confirm their authenticity, either by investigation or by cryptographic proof.
- If data fails Cryptography Verification, a new Introduction is requested with verifiable Proof (phase 1).
- **Use Case (The Kitchen Remodeling):** Hank has called Carla to receive names and phone numbers for a few testimonials about her work. These testimonials are non-cryptographic secrets since they're not publicly known. He looks up the names he's been given in a phone book and verifies that they indeed correlate with the phone numbers.
- **Lexicon**:
- **Key Terms**:
- ___Preparatory Verbs.___ ENCODE, hash, sign.
- ___Active Verbs.___ VERIFY, authenticate.
- ___Objects.___ SECRET, hash, proof, signature.
- **Etymology**:
- ___Proof.___ From the Latin 'probare', to test. This is the scientific method where something can be examined to produce a _true_ or _false_ result.
- ___Secrets Verified.___ "Secret" comes from the Latin "secretum" meaning "a thing hidden". (Note that "cryptography" is closely related but with a different root: it comes from the Greek "kryptós," meaning "hidden" or "secret," combined with "graphia," meaning "writing.") The term "verify" is derived from the Latin "verificare," meaning "to make true." Together, "Secrets Verified" means determining that hidden things are true and confirming the truth and accuracy of introductory information, ensuring it is genuine, unaltered, and secure.
----
### 4. **References** *(Trust Aggregated)*
- **Description**: This step involves the collection from multiple sources of trust references declared within initial data assets, including certificates, endorsements, and other trust indicators, which together form a comprehensive view of trustworthiness to inform subsequent interactions. It may also involve collection of trust references from third parties _not_ mentioned in the original Introduction. It's likely that _all_ trust references are not collected: a party collects until they feel that they have enough; they could always return to this step in the future if needed.
- **Actor**: Either party acting as or interacting with a validator.
- **Action**: Gather trust declarations from various sources according to your trust model, aggregating them to create a grayscale vision of trust. Stop when you have enough.
- **Success**: Sufficient trust declarations are aggregated, providing a comprehensive view of trust from multiple sources.
- If insufficient trust declarations are aggregated, references may be rechecked until sufficient are collected (phase 4).
- If insufficient trust declarations are aggregated, a new Introduction may be requested with different or additional references (phase 1).
- **Use Case (The Kitchen Remodeling):** Hank checks Carla's contractor # in the state database and calls up her references for their testimonials. He calls up the phone number on her business card and assesses the professionalism of her office manager's response. Finally, he asks friends and family to see if anyone has heard about her. He then synthesizes those responses into an overall (but not binary) picture of her trustworthiness for this task.
- **Lexicon:**
- **Key Terms**:
- ___Preparatory Verbs.___ ENDORSE [entity].
- ___Active Verbs.___ AGGREGATE, check, look up, synthesize.
- ___Objects.___ TRUST, declarations, references, trust model.
- **Etymology:**
- ***References.*** From the Latin "referre", meaning to carry back. In this case, carrying back information.
- ***Trust Aggregated.*** The term "trust" originates from the Old Norse "traust," meaning "confidence" or "protection." "Aggregated" comes from the Latin "aggregare," meaning "to collect" or "to bring together." Together, "Trust Aggregated" emphasizes the gathering and synthesis of diverse trust data, providing a holistic picture of credibility and reliability, rather than making a binary judgment.
---
### 5. **Requirements** *(Community Compliance)*
- **Description**: Following validation of initial and linked data assets, community standards are checked to determine how an interaction would fit into general expectations for the space. Compliance may be determined through peer-to-peer mechanisms (for communities); or through decisions from higher authorities (for hierarchical networks). This will often involve the revelation of additional data beyond the initial assets, which is a normative part of the progressive trust process.
- **Actor**: Either party interacting with a community of mutual benefit.
- **Action**: Evaluate whether the authenticated data assets meet related community standards, policies, and requirements, ensuring adherence to expected criteria. Request and authenticate additional data assets as necessary.
- **Success**: The content is deemed in compliance with community requirements.
- If data fails Community Compliance, it may be outright rejected or a new compliant Introduction may be requested (phase 1).
- **Use Case (The Kitchen Remodeling):** Hank determines that Carla's contractor # is indeed the standard to prove expertise for this sort of work. He requests a quote and verifies the costs fit within expectations for the work. He then requests a contract and compares it to sample contracts.
- **Lexicon:**
- **Key Terms**:
- ___Request Verbs.___ CHECK [standards], request [requirements].
- ___Additional Parties.___ COMMUNITY, peers.
- ___Active Verbs.___ COMPLY, certify, standardize, test.
- ___Objects.___ REQUIREMENTS, expectations, policies.
- **Etymology:**
- ***Requirements.*** From the Latin "requirere", "to ask for (something needed)".
- ***Community Compliance.*** The term "community" comes from the Latin "communitas," meaning "a fellowship" or "a group with a common interest." Compliance derives from the Vulgar Latin "complire", which is to fulfill, making compliance the act of fulfilling. "Community Compliance" is thus the fulfillment of the needs of a group.
---
### 6. **Approval** *(Risk Calculated)*
- **Description**: Having done all of the third-party trust validation possible, progressively expanding trust with new data assets along the way, each actor must now decide whether they want to interact with the counterparty. Approval may be final or it may require additional threshold approval (optional phase 7).
- **Actor**: Both parties.
- **Action**: Examine the graduated grayscale trust model, calculate its risk focusing on real-world consequences and likelihoods, and compare that to the party's own risk model and their goals and desires. Provide authority for approval, or initial authority if additional Agreement is required.
- **Success**: The risk level established through progressive trust is determined to fit within the party's risk model.
- If interaction fails risk assessment, it may be outright rejected or a new de-risked Introduction may be requested (phase 1).
- **Use Case (The Kitchen Remodeling):** Hank and Carla sign a contract. Hank provides a deposit and Carla provides a start date.
- **Lexicon**:
- **Key Terms**:
- ___Active Verbs.___ APPROVE, authorize, OK.
- ___Objects.___ RELEASE.
- ___Related Verbs.___ CALCULATE [risk].
- ___Related Objects.___ RISK MODEL.
- **Etymology**:
- ___Approval.___ From the Latin "approbare", meaning to "regard as good". This is the act of determining something is good (or in this case whether an interaction lies within each party's risk model).
- ___Risk Calculated.___ The Italian "riscare" means "run into danger," and has uncertain origins. The Latin "calculare" means "to reckon, compute." "Risk Calculated" is thus the computation of whether one will run into danger.
----
### 7. **Agreement** *(Threshold Endorsed)* [optional]
- **Description**: An actor obtains additional consent through agreements from additional entities until they reach a sufficient threshold. This is an _optional_ step; many actors will skip straight to phase 8.
- **Actor**: Either party interacting with another entity.
- **Action**: Secure approval from additional entities until sufficient threshold is reached to support final agreement for an interaction.
- **Success**: External agreements are obtained.
- If insufficient agreements are collected, Threshold may be rechecked until sufficient are collected (phase 7).
- If insufficient agreements are collected, data may be outright rejected or a new Introduction may be requested that would receive Threshold approval (phase 1).
- **Use Case (The Kitchen Remodeling):** Hank gets agreement from his wife, Heidi, over the cabinet work. Carla gets a permit from the city.
- **Lexicon:**
- **Key Terms**: agreement, endorse, threshold
- ___Request Verbs.___ REQUEST [approval].
- ___Additional Parties.___ SIGNER.
- ___Active Verbs.___ AGREE, endorse.
- ___Objects.___ THRESHOLD, release.
- **Etymology:**
- ___Agreement___. From the Latin "gratum," meaning "pleasing, welcome". This is the determination of whether something is welcome to multiple parties.
- ___Threshold Endorsed___. The word "threshold" has an unknown etymology, and it's also evolved over time. The Old English "þrescold" was a door-sill, which is to say a boundary. A more modern definition abstracts that to mean "a level, rate, or amount at which something comes into effect." The word "endorse" similarly evolved over the years, this time from the French "endosser", which meant to write on something's back (the "dorsal" side) and came to mean to approve something by writing on its back. That's particularly relevant here because the endorsement is an addendum to the official agreement on the "front". You put together those transformative words into "Threshold Endorsed" and you have a level over which additional approval occurs.
----
### 8. **Fulfillment** *(Interaction Finalized)*
- **Description**: Finalizing an initial agreement and actually engaging in the interaction. This is the point of no return, after which the actors can't simply walk away, possibly due to contracts, guarantees, warranties, or other sorts of responsibility or maybe just due to the possibility of losing face.
- **Actor:** Both parties.
- **Action:** Engage in interaction, doing any work, making any payments, and offering any other exchanges that were agreed upon.
- **Success**: Interaction occurs per agreed upon rules.
- If interaction does not occur, actors may need to repeat the process (phase 8).
- If part of interaction does not occur, one actor may need to Dispute (phase 10).
- **Use Case (The Kitchen Remodeling):** Carla does the work. Hank pays her.
- **Lexicon:**
- **Key Terms**: finalize, fulfillment, interaction.
- ___Active Verbs.___ FINALIZE, fulfill.
- ___Objects.___ INTERACTION.
- **Etymology:**
- ___Fulfillment.___ The Old English "fullfyllan" means "fill up", while the Latin suffix "-ment" turns that from a verb into a noun.
- ___Interaction Finalized.___ Interact, as we saw, means to "act on each other". Final is from the Latin "finalis", meaning the end. Overall, this is about a finalization of the decision of how entities work together for mutual benefit.
----
### 9. **Escalation** *(Independently Inspected)* [optional]
- **Description:** Following the initial fulfillment, a third party may be called in. Whether this is needed or not is determined by the risk model of the actors (going back to phase 6). A third party can assess whether the interaction occurred in compliance with the contract. In order to do so, the inspector may repeat some of the steps to date, including going through their own Validation (steps 2-4) and Approval (steps 6-7). Alternatively, they may repackage or reuse the results of the interaction for their own purposes, more implicitly endorsing it.
- **Actor**: The community or either party interacting with an inspector.
- **Action:** Validate, approve, and potentially endorse the results of an interaction. Or reject it.
- **Success**: The interaction is independently endorsed.
- If interaction is not endorsed, Fulfillment (phase 8) may have to be repeated by the counterparty.
- If interaction is not endorsed, the actor requesting the Inspection may need to Dispute (phase 10).
- **Use Case (The Kitchen Remodeling):** A city inspector verifies that Carla's work is up to code.
- **Lexicon:**
- **Key Terms**:
- ___Request Verbs.___ ESCALATE, request [inspection].
- ___Additional Parties.___ INDEPENDENT THIRD-PARTY.
- ___Active Verbs.___ INSPECT, approve, confirm.
- **Etymology:**
- ___Escalation.___ From the escalator, and so it just means to raise up.
- ___Independently Inspected.___ "Independently" is derived from the Latin "independens," meaning "not hanging from something," indicating a state of being free from outside control or influence. "Inspected" is from the Latin "inspicere" meaning "look at" or "look into". It implies a close examination. "Independently Inspected" is something that is looked at by some entity beyond the control of the two parties.
---
### 10. **Dispute** *(Independently Arbitrated)* [optional]
- **Description:** Something may go wrong in an interaction, which may require a third-party to step in to arbitrate. In a progressive-trust interaction, this will often require the revelation of additional data for evidentiary purposes that was obscured or elided in phase 1.
- **Actor**: Either party, or even a third-party, interacting with a community arbitrator.
- **Action:** Reveal elided or obscured information, produce affidavits, and otherwise expand public knowledge as is necessary to settle disputes over interaction. Ultimately, determine who is liable and for what.
- **Success**: Revealed information matches hashes of original data, proving that it was the source of the original data. Or it wasn't. Affidavits support resolution of dispute. Or they don't. In either case, an arbiter is able to make a decision about how to proceed.
- **Use Case (The Kitchen Remodeling):** Hank's 20 pound cat jumps on a cabinet and causes it to collapse. Hank and Carla reveal contracts and the arbiter combines that with public information from inspections and research into load capacities to determine Carla didn't anchor the cabinets correctly. She is found liable for repair and damages. The information on this dispute may unfortunately come up when Carla's References are checked in the future by another Actor (phase 4).
- **Lexicon:**
- **Key Terms**:
- ___Request Verbs.___ DISPUTE.
- ___Additional Parties.___ INDEPENDENT THIRD-PARTY.
- ___Active Verbs.___ ARBITRATE.
- **Etymology:**
- ___Dispute.___ From the Latin "dis-" (separately) and "putare" (consider). It's literally considering apart, which is a great description of arbitrating between two parties.
- ___Independently Arbitrated.___ As we've already seen, "Independently" means being free from outside control or influence. "Arbitrated" comes from the Latin "arbitratus", which means to "give a decision", so this is an independent decision.
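
The hash mechanics that phases 1, 2, 3 and 10 rely on can be sketched as follows. This is an added illustration, not Blockchain Commons code: the package layout, field names and function names are assumptions, and signatures are left out, so the root digest is assumed to reach the verifier under a signature or over a channel that is checked separately.

```python
import hashlib
import hmac
import json
import re
import secrets

HEX256 = re.compile(r"^[0-9a-f]{64}$")


def leaf_digest(name, salt, value):
    """Salted commitment to one field. The random salt keeps an elided,
    low-entropy value (a date, a city) from being guessed from its hash."""
    h = hashlib.sha256()
    for part in (name.encode(), salt, value.encode()):
        h.update(len(part).to_bytes(4, "big"))  # length prefix avoids ambiguity
        h.update(part)
    return h.hexdigest()


def root_digest(digests):
    """Commitment to the whole package: hash of the sorted (name, digest) pairs."""
    canonical = json.dumps(sorted(digests.items()), separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def introduce(fields, reveal):
    """Phase 1: publish a digest for every field, open only the revealed ones.
    Returns (public package, private openings kept by the holder)."""
    openings = {n: (secrets.token_bytes(16), v) for n, v in fields.items()}
    digests = {n: leaf_digest(n, s, v) for n, (s, v) in openings.items()}
    revealed = {n: {"salt": openings[n][0].hex(), "value": openings[n][1]}
                for n in sorted(reveal)}
    return {"root": root_digest(digests), "digests": digests,
            "revealed": revealed}, openings


def check_wholeness(package):
    """Phase 2: structure and format only, no cryptographic checks."""
    if set(package) != {"root", "digests", "revealed"}:
        return ["unexpected top-level keys"]
    if not isinstance(package["digests"], dict) or not isinstance(package["revealed"], dict):
        return ["digests and revealed must be mappings"]
    problems = []
    if not HEX256.match(str(package["root"])):
        problems.append("root is not a SHA-256 hex digest")
    for name, digest in package["digests"].items():
        if not HEX256.match(str(digest)):
            problems.append(f"digest for {name!r} is malformed")
    for name, opening in package["revealed"].items():
        if name not in package["digests"]:
            problems.append(f"revealed field {name!r} has no digest")
        if not isinstance(opening, dict) or set(opening) != {"salt", "value"}:
            problems.append(f"opening for {name!r} is incomplete")
    return problems


def check_opening(package, name, salt_hex, value):
    """Phases 3 and 10: does (salt, value) open the digest committed for name?"""
    expected = package["digests"].get(name)
    if expected is None:
        return False
    try:
        salt = bytes.fromhex(salt_hex)
    except ValueError:
        return False
    return hmac.compare_digest(expected, leaf_digest(name, salt, value))


def check_proofs(package):
    """Phase 3: recompute the root and the digest of every revealed field."""
    failures = []
    if not hmac.compare_digest(package["root"], root_digest(package["digests"])):
        failures.append("root does not match digests")
    for name, opening in package["revealed"].items():
        if not check_opening(package, name, opening["salt"], opening["value"]):
            failures.append(f"revealed field {name!r} does not match its digest")
    return failures


if __name__ == "__main__":
    # Constructed sample data, loosely modelled on the journalist use case.
    fields = {"article": "Draft text of the article",
              "photo_location": "Chicago, IL",
              "source_interviews": "Worker A; Worker B"}
    package, openings = introduce(fields, reveal={"article"})
    print("wholeness problems:", check_wholeness(package))
    print("proof failures:", check_proofs(package))
    # Phase 10: the holder opens an elided field for the arbiter.
    salt, value = openings["source_interviews"]
    print("dispute reveal accepted:",
          check_opening(package, "source_interviews", salt.hex(), value))
```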
---
## Final Notes
Progressive trust is hard! We discover that this is the case with many real-world interactions when we try to translate them to a digital medium. That's because we're often translating subconscious and automatic steps into programmatic phases.
But, progressive trust is also rewarding. It's a process that we've developed over thousands of years of interacting with each other in civilized society. Revealing information, checking it, revealing more, and ultimately coming to an agreement: that's how real-world interactions work. By remodeling that in the digital medium, we can bring digital interactions up to the same standards, and thus ensure they have the same chances of success.
## Appendix I: Additional Use Cases
### Journalistic Integrity
#### Phase 0: Context
Journalist Upton S. considers whether to begin an extensive investigation into the conditions in slaughterhouses. He thinks about the possible benefits and the costs in doing so, and also surveys the publishing ecosystem, to see if anyone has enough independence to publish such an exposé.
#### Phase 1: Introduction
Upton takes (secret) photographs, interviews slaughterhouse workers and owners, and logs all those sources. He then writes an article based on that material.
Upton pitches the article to _The Chicago Tribune_. He includes the full article, the photographs with location and time partially obscured (to protect privacy), and the source interviews entirely elided. Hashes are available for everything, whether it's elided or not. Upton personally signs both his obscured content (to record the changes) and the data package as a whole.
#### Phase 2: Wholeness
_The Tribune_ has a required data format for prospective articles to avoid spam and AI submissions. They verify that Upton's proposal matches the expected submission format, that hashes are present for all data, and that signatures are present for the overall package and for any altered data, to maintain the transparency of the materials.
#### Phase 3: Proof
Much of Upton's data can be verified cryptographically. _The Tribune_ verifies the signatures that Upton's camera placed on his photos as well as the signature he himself made for obscurations and the whole package.
Upton has in the meantime required that _The Tribune_ sign messages sent to him with their private key, which he has been able to verify against a PKI, so he knows he's talking to _The Tribune_ and not a slaughterhouse owner in disguise.
This makes Upton feel comfortable enough to reveal additional secrets: he tells _The Tribune_ exactly what slaughterhouses he visited and reveals GPS data that proves that he (or at least his phone) was indeed at those locations. (He still obscures the timestamps so that they're only accurate to the month, so as not to endanger slaughterhouse workers who assisted him).
#### Phase 4: References
_The Tribune_ checks all references in the data package. For photographs, this likely means checking a root certificate for the camera. For Upton's signatures, this means checking his public key and any DID information. Some of these references may have another layer of certification and endorsement: _The Tribune's_ validator must recursively dig through it until they have the complete picture.
Since this would be a major exposé, _The Tribune_ goes the extra mile and also investigates Upton's previous publication of four well-received novels and even reaches out to Columbia University where he matriculated.
Upton meanwhile continues his own trust investigation as well, talking with journalists about how _The Chicago Tribune_ has treated them and their sources.
#### Phase 5: Requirements
Due to progressively increasing trust, Upton again reveals more information to _The Tribune_, this time writing an essay on how he gathered his information by working incognito in slaughterhouses for more than a year. _The Tribune_ dutifully hashes and elides this data so that it can be proven later if required.
Upton's editor, Joseph M., is a little uncomfortable with the deceit implicit in Upton's working incognito and has to check this against community standards. He finally decides it's OK because Upton states (and creates a signed statement) that he fulfilled his contractual obligations to the slaughterhouse while doing so.
Joe also notes a few places in the article where claims aren't backed up by sufficient sources, which is definitely in violation of community standards. Upton cuts a few, but is able to support the others. This results in the Introduction of a new draft, which must be checked for Wholeness, Proof, References, and ultimately Requirements, resulting in a partial repeat of Phases 1-5.
#### Phase 6: Approval
Joe makes a final assessment of the credibility of all of Upton's sources and information. He compares that trust model to his risk model, which notes the huge economic power of slaughterhouses in Chicago. There's high trust, but there's high risk. Joe ultimately approves the article because he feels that the article also offers a high fulfillment of _The Tribune's_ goal of bettering the Chicago public.
#### Phase 7: Agreement
The high risk of the article requires Joe to run it by _The Tribune's_ Board of Trustees. One member is in the pocket of Big Meat in Chicago and he votes no on running Upton's article, but the rest of the board members vote yes, and that's sufficient threshold to provide Agreement.
#### Phase 8: Fulfillment
_The Tribune_ publishes Upton's article, "The Jungle". It appears on the website immediately and in a printed paper the next day.
#### Phase 9: Inspection
Big Meat in Chicago throws a fit. They claim everything is made up. Snopes.com investigates and rates Upton's article as "True".
#### Phase 10: Dispute
One particular slaughterhouse sues _The Tribune_ and Upton claiming that Upton never visited their slaughterhouse. Upton partially unseals his GPS information, proving that he was there (while still obscuring the exact timestamps, but it's sufficient for the judge).
### Bitcoin
#### Phase 0: Context
Bob needs to pay an invoice Alice has submitted. He wants to use Bitcoin. Alice and Bob both affirm they have access to Bitcoin. Fees are determined to be low enough, as a percentage of what Bob needs to send Alice, for a Bitcoin transaction to make sense.
#### Phase 1: Introduction
Bob creates a PSBT that collects together several UTXOs. It will send funds to Alice and send the rest back to his change address, minus a transaction fee.
#### Phase 2: Wholeness
Bitcoin checks that both of the addresses that Bob is sending to are correctly formed and otherwise ensures that the PSBT is whole (minus signatures).
#### Phase 3: Proofs
Bitcoin verifies that Bob has access to one of the keys needed to sign the PSBT. But, the UTXOs are locked with multisigs! It warns him that he doesn't have all the keys necessary to finalize the PSBT!
#### Phase 4: References
Bitcoin verifies the funds in the UTXOs by looking at _their_ inputs.
#### Phase 5: Requirements
Bitcoin checks the fee on the PSBT to ensure that it's high enough for the PSBT to be transmitted in a reasonable amount of time.
#### Phase 6: Approval
Bob uses his key to sign the PSBT.
#### Phase 7: Agreement
Bob forwards the PSBT to Carol, who also signs the PSBT. This is sufficient threshold to transmit the full transaction.
#### Phase 8: Fulfillment
The transaction goes into the mempool, is collected into a block, and the funds are recorded as transferred to Alice's address.
#### Phase 9: Inspection
Alice's exchange, Squiddie, gives her access to the funds when it verifies the block has been confirmed six times.
#### Phase 10: Dispute
Because Bitcoin prices dropped during the hour and a half that it took the transaction to be entered in a block and then sufficiently confirmed, Alice claims that Bob and Carol didn't send her enough money. Bob reveals the value of Bitcoin that he recorded, signed, and timestamped at the time the transaction was created, and it shows that Alice was paid the proper amount.
### Wellness Data
#### Phase 0: Context
A clinic considers a new health study that will collect steps records and heart rates to assess the rapidity of the degradation in heart health for users who fall off their fitness plans. They assess the technology of modern activity trackers and determine the accuracy is sufficient for their needs. They also informally poll users to determine whether enough will be willing to participate in the study.
#### Phase 1: Introduction
Users can choose to sign up by registering anonymized demographic data with the clinic. Their activity trackers then will report initial test data by sending samples of heart rate and step data.
#### Phase 2: Wholeness
The clinic assesses the format of the test data from each study member to ensure the data format is compatible with their needs. They're forced to disqualify some members who have very old or very cheap trackers, sometimes because they don't format data correctly and sometimes because they report too little.
#### Phase 3: Proofs
Each data entry is signed by the wellness tracker that sent it. The clinic makes sure both a signature and a hash verify the data has not changed.
(If a participant ever submits data that is not properly signed or hashed, all of their data is segregated from the rest of the study.)
#### Phase 4: References
When the clinic gets test data from a new brand of activity tracker, it must check references. Cryptographically, they verify the public key of the brand's signature against a PKI.
#### Phase 5: Requirements
The clinic does additional research to verify that all of the data they're collecting meets community requirements.
Some trackers are reporting too much data, violating community privacy standards and possibly putting the clinic's HIPAA compliance in question. Their data is rejected from the study.
Some trackers are determined to report heart rates or step counts that are more than 10% off, affecting the study's accuracy. Their data is also rejected.
#### Phase 6: Approval
Having whittled down their data set to reliable, whole, well-formatted data, the clinic signs an agreement with all remaining volunteers to include their data in their clinical study.
#### Phase 7: Agreement
Some volunteers are minors, in which case their parents must also sign off.
#### Phase 8: Fulfillment
The clinic now collects data from remaining participants over a one-year period. It's sent whenever the participants sync their trackers. Afterward, they publish a paper on the results, eliding and anonymizing much of the data, but maintaining hashes to allow proof of the data in the future.
#### Phase 9: Inspection
After publication, a statistician does a supplemental study, which cross-references the clinic's data against their demographic information, revealing new results on how exercise abandonment affects different demographics differently.
#### Phase 10: Dispute
A doctor claims the study results aren't accurate after a certain Activity Tracker is determined to have inaccurate results for people with certain skin tones. The clinic partially unelides their clinical data to prove that tracker was not used (because they'd already learned about the inaccuracy in Phase 5).
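The partial unsealing in the Dispute phases above (the clinic's study data here, Upton's GPS data earlier) works because a field can be replaced by its digest without changing the digest of the whole record. The following Go program is an added example, not Blockchain Commons' code: the record layout, the field names and values, and the per-field salt are assumptions of the example.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Field is one item of a record. When Elided is true, only Digest is shared.
type Field struct {
	Name, Value string
	Salt        []byte // per-field random salt (an assumption of this example)
	Digest      [32]byte
	Elided      bool
}

var ErrNoMatch = errors.New("disclosed field matches no elided digest")

// leafDigest commits to one field. Length prefixes keep the salt, name and
// value boundaries unambiguous; the salt stops brute-force guessing of
// low-entropy values such as a tracker model or a month.
func leafDigest(name, value string, salt []byte) [32]byte {
	h := sha256.New()
	h.Write([]byte{0x00}) // leaf tag
	for _, part := range [][]byte{salt, []byte(name), []byte(value)} {
		var n [8]byte
		binary.BigEndian.PutUint64(n[:], uint64(len(part)))
		h.Write(n[:])
		h.Write(part)
	}
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// Root folds every leaf digest, in order, into the one value that gets
// published or signed. Visible fields are always re-hashed from content.
func Root(rec []Field) [32]byte {
	h := sha256.New()
	h.Write([]byte{0x01}) // root tag
	for _, f := range rec {
		d := f.Digest
		if !f.Elided {
			d = leafDigest(f.Name, f.Value, f.Salt)
		}
		h.Write(d[:])
	}
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// Elide returns a copy in which the named fields are reduced to digests.
func Elide(rec []Field, names ...string) []Field {
	hide := map[string]bool{}
	for _, n := range names {
		hide[n] = true
	}
	out := make([]Field, len(rec))
	for i, f := range rec {
		if !f.Elided && hide[f.Name] {
			f = Field{Digest: leafDigest(f.Name, f.Value, f.Salt), Elided: true}
		}
		out[i] = f
	}
	return out
}

// Reveal restores one elided field from a later disclosure, but only if the
// disclosed name, value and salt hash to a digest already in the record.
func Reveal(rec []Field, name, value string, salt []byte) ([]Field, error) {
	want := leafDigest(name, value, salt)
	out := append([]Field(nil), rec...)
	for i, f := range out {
		if f.Elided && f.Digest == want {
			out[i] = Field{Name: name, Value: value, Salt: salt}
			return out, nil
		}
	}
	return nil, ErrNoMatch
}

// sampleRecord is constructed data. The fixed salts keep the demo
// reproducible; real salts must come from crypto/rand.
func sampleRecord() []Field {
	return []Field{
		{Name: "tracker_model", Value: "ExampleBand 2", Salt: []byte("salt-0")},
		{Name: "participant", Value: "anon-0042", Salt: []byte("salt-1")},
		{Name: "avg_heart_rate_bpm", Value: "71", Salt: []byte("salt-2")},
	}
}

func main() {
	full := sampleRecord()
	committed := Root(full) // the value published with the paper
	public := Elide(full, "tracker_model", "participant")
	fmt.Println("root unchanged by elision:", Root(public) == committed)
	// Dispute: disclose the tracker model only; the participant stays elided.
	opened, err := Reveal(public, full[0].Name, full[0].Value, full[0].Salt)
	fmt.Println("disclosure accepted:", err == nil && Root(opened) == committed)
	_, err = Reveal(public, "tracker_model", "OtherBand", full[0].Salt)
	fmt.Println("false claim:", err)
}
```

Without the salt, anyone holding the elided record could hash every plausible tracker model and compare against the digest, which would undo the elision for low-entropy fields.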
### Educational Credentials
#### Phase 0: Context
Cyber U. creates a credential program for computer security engineering. They detail their curriculum and the certifications available. `cybercat_2382`, already an expert in cyber security, considers the reputation of their program and decides that a credential would be helpful.
#### Phase 1: Introduction
Cybercat whizzes through the program, achieves a degree in advanced cybersecurity, and uses that to apply for a job at E-Corp.
#### Phase 2: Wholeness
E-Corp assesses the structure and format of Cybercat's credentials to ensure that transcripts, grades, and the diploma are correctly formatted and unaltered.
#### Phase 3: Proofs
E-Corp checks Cyber U's signatures of the transcripts and diplomas. Digital badges included in the package are also checked for their authenticity.
#### Phase 4: References
E-Corp checks Cyber U's accreditation as well as the roots of trust used to verify their signatures.
#### Phase 5: Requirements
E-Corp checks that the classes that Cybercat took meet the expected requirements for a cybersecurity degree and that other companies in the space respect Cyber U's certifications.
#### Phase 6: Approval
E-Corp's HR department puts the stamp of approval on the Cyber U credentials, allowing Cybercat's application to advance.
#### Phase 7: Agreement
`e_mgmt_291` receives Cybercat's application and decides to set up an interview with them. It's virtual, of course.
#### Phase 8: Fulfillment
E-Corp hires Cybercat. Their credentials are entered into the company database.
#### Phase 9: Inspection
E-Corp sends Cybercat out to a client site. To prove their certification, they send the client a copy of Cybercat's credentials, but elided to remove some of Cybercat's personal data.
#### Phase 10: Dispute
Ten years on, a class-action lawsuit is filed against Cyber U for negligent misrepresentation, fraud, and breach of contract. Though Cybercat initially had some success with their degree, such as at E-Corp, over time corporate acceptance of Cyber U quickly faded due to the low quality of other recruits. Cybercat joins the class-action suit, revealing enough of their credentials to prove that they were a student there.
### Software Supply Chain
#### Phase 0: Context
Digital-Assets Inc (DAI) considers GitHub as a distribution method for their software and ultimately determines that it has sufficient trust and is sufficiently practical to use.
#### Phase 1: Introduction
DAI produces open-source software called Gordian Guardian, a new asset-protection app. They assert the existence and purpose of a repository for Gordian Guardian and declare the initial (inception) commit and its purpose.
#### Phase 2: Wholeness
Arthur of Asset Analysis is considering using Gordian Guardian to protect his company's digital assets. He runs software checks to verify that the repo's files and metadata are uncorrupted from their origin, ensuring the integrity of the source code. He checks the formatting of source code and metadata to ensure they match the requirements of the repository.
#### Phase 3: Proofs
Blockchain Commons signs its commits, tags, releases, and other metadata with SSH signatures, ensuring that all changes are verifiable and enabling further validation of the commit history. GitHub clearly shows commits that are __Verified__. Arthur verifies those and also hand-checks the SHA256 hashes and detached signatures in Gordian Guardian's newest release.
#### Phase 4: References
The inception commit for the Gordian Guardian repo acts as a root of trust. When a new engineer begins signing releases, their public key is in turn signed with the private key from the inception commit or else a private key whose public key was _previously_ signed. This creates a chain of trust. When Arthur examines the repo, he can thus reference signing keys all the way back to the key from the inception commit, via this chain.
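The chain of trust described above can be checked mechanically. The following Go program is an added example, not DAI's or Blockchain Commons' code: it replays a list of key endorsements in order and accepts a release signature only if the signer's key links back to the inception key through keys that were endorsed earlier. Ed25519, the `Endorsement` record, the domain tags and the engineer names are assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Endorsement is one link of the chain: Signer vouches for Subject.
type Endorsement struct {
	Subject ed25519.PublicKey // key being admitted as a release signer
	Signer  ed25519.PublicKey // inception key, or a key admitted earlier
	Sig     []byte            // Signer's signature over endorsementMsg(Subject)
}

var (
	ErrUntrustedSigner = errors.New("signer key does not chain back to the root key")
	ErrBadSignature    = errors.New("release signature does not verify")
)

// Distinct domain tags (hypothetical values) keep a key endorsement from
// ever being accepted as a release signature, and the other way round.
func endorsementMsg(subject ed25519.PublicKey) []byte {
	return append([]byte("example-key-endorsement-v1:"), subject...)
}

func releaseMsg(artifact []byte) []byte {
	d := sha256.Sum256(artifact)
	return append([]byte("example-release-v1:"), d[:]...)
}

func pub(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

// Endorse signs subject's public key with signer's private key.
func Endorse(signer ed25519.PrivateKey, subject ed25519.PublicKey) Endorsement {
	return Endorsement{Subject: subject, Signer: pub(signer),
		Sig: ed25519.Sign(signer, endorsementMsg(subject))}
}

// SignRelease makes a detached signature over the artifact's SHA-256 digest.
func SignRelease(k ed25519.PrivateKey, artifact []byte) []byte {
	return ed25519.Sign(k, releaseMsg(artifact))
}

// TrustedSet replays the endorsement list in order. A key is admitted only
// when its endorsement verifies under the root or under a key admitted
// earlier in the list. The value is the number of links back to the root.
func TrustedSet(root ed25519.PublicKey, list []Endorsement) map[string]int {
	trusted := map[string]int{}
	if len(root) != ed25519.PublicKeySize {
		return trusted
	}
	trusted[string(root)] = 0
	for _, e := range list {
		depth, known := trusted[string(e.Signer)]
		if !known || len(e.Subject) != ed25519.PublicKeySize ||
			!ed25519.Verify(e.Signer, endorsementMsg(e.Subject), e.Sig) {
			continue // unknown or not-yet-admitted signer, or bad signature
		}
		if _, seen := trusted[string(e.Subject)]; !seen {
			trusted[string(e.Subject)] = depth + 1
		}
	}
	return trusted
}

// VerifyRelease returns how many links separate the signer from the root.
func VerifyRelease(root ed25519.PublicKey, list []Endorsement,
	signer ed25519.PublicKey, artifact, sig []byte) (int, error) {
	depth, ok := TrustedSet(root, list)[string(signer)]
	if !ok {
		return 0, ErrUntrustedSigner
	}
	if !ed25519.Verify(signer, releaseMsg(artifact), sig) {
		return 0, ErrBadSignature
	}
	return depth, nil
}

// demoKey derives a deterministic key from a label. Constructed sample data
// only: real keys must come from ed25519.GenerateKey with crypto/rand.
func demoKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

func main() {
	root, engA, engB, outsider := demoKey("inception"), demoKey("engineerA"),
		demoKey("engineerB"), demoKey("outsider")
	list := []Endorsement{
		Endorse(root, pub(engA)),         // inception key admits engineer A
		Endorse(engA, pub(engB)),         // A, already admitted, admits B
		Endorse(outsider, pub(outsider)), // self-endorsed: never reaches the root
	}
	release := []byte("constructed release archive bytes")
	for _, s := range []struct {
		name string
		key  ed25519.PrivateKey
	}{{"engineerB", engB}, {"outsider", outsider}} {
		depth, err := VerifyRelease(pub(root), list, pub(s.key), release, SignRelease(s.key, release))
		fmt.Printf("%-10s links=%d err=%v\n", s.name, depth, err)
	}
}
```

Because the list is replayed in order, an endorsement made by a key that had not yet been endorsed itself is ignored, which is the "previously signed" condition in the paragraph above.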
Arthur also needs to check references for external libraries and dependencies to ensure their reliability. Besides verifying their signatures and commits, Arthur also examines these users' other projects and reads their repo issues to determine their general reputation in the space.
#### Phase 5: Requirements
Arthur assesses whether DAI's releases meet Asset Analysis' standards. Do they respond to important Issues within a reasonable amount of time? Do they have a documented code review system and does it meet Asset Analysis' standards? Is software offered for third-party security review prior to its finalization for use in deployed systems? He likes the answers he gets, so checks off Requirements.
#### Phase 6: Approval
After fully assessing the validity of DAI's commits, the profiles of its developers, and the trustworthiness of its third-party libraries, Arthur makes a final call that it's safe to use Gordian Guardian.
#### Phase 7: Agreement
Because Gordian Guardian will be used to protect real assets, Arthur needs to get agreement from Asset Analysis' CFO, which he does.
#### Phase 8: Fulfillment
Arthur clones the Gordian Guardian repo and builds the app.
#### Phase 9: Inspection
Twice a year, a third party is required to inspect Asset Analysis' asset management, since it includes client assets. Arthur turns over all of his information on Gordian Guardian to the inspectors, and they agree that it meets required certification standards.
#### Phase 10: Dispute
One of Asset Analysis' clients complains about their use of an open-source project. Arthur displays to them not just the information he collected on Gordian Guardian, but also the confidential report from the third-party inspectors verifying that it meets certification standards.
## Appendix II: Language Summary
* **Phase 0. Context.**
- ___Active Verbs.___ CONSIDER, plan, survey.
- ___Objects.___ INTERACTION, context, ecosystem, environment.
* **Phase 1. Introduce.**
- ___Active Verbs.___ DECLARE, assert, commit, establish, introduce, reveal.
- ___Objects.___ ASSERTION, initial claim, inception commit, origin, public declaration.
- ___Reactive Verbs.___ ACCEPT.
* **Phase 2. Wholeness.**
- ___Preparatory Verbs.___ STRUCTURE, cohere, order, organize.
- ___Active Verbs.___ ASSESS, validate.
- ___Objects.___ INTEGRITY, consistency, wholeness.
* **Phase 3. Proofs.**
- ___Preparatory Verbs.___ ENCODE, hash, sign.
- ___Active Verbs.___ VERIFY, authenticate.
- ___Objects.___ SECRET, hash, proof, signature.
* **Phase 4. References.**
- ___Preparatory Verbs.___ ENDORSE [entity].
- ___Active Verbs.___ AGGREGATE, check, look up, synthesize.
- ___Objects.___ TRUST, declarations, references, trust model.
* **Phase 5. Requirements.**
- ___Request Verbs.___ CHECK [standards], request [requirements].
- ___Additional Parties.___ COMMUNITY, peers.
- ___Active Verbs.___ COMPLY, certify, standardize, test.
- ___Objects.___ REQUIREMENTS, expectations, policies.
* **Phase 6. Approval.**
- ___Active Verbs.___ APPROVE, authorize, OK.
- ___Objects.___ RELEASE.
- ___Related Verbs.___ CALCULATE [risk].
- ___Related Objects.___ RISK MODEL.
* **Phase 7. Agreement.**
- ___Request Verbs.___ REQUEST [approval].
- ___Additional Parties.___ SIGNER.
- ___Active Verbs.___ AGREE, endorse [approval].
- ___Objects.___ THRESHOLD, release.
* **Phase 8. Fulfillment.**
- ___Active Verbs.___ FINALIZE, fulfill.
- ___Objects.___ INTERACTION.
* **Phase 9. Escalation.**
- ___Request Verbs.___ ESCALATE, request [inspection].
- ___Additional Parties.___ INDEPENDENT THIRD-PARTY.
- ___Active Verbs.___ INSPECT, approve, confirm.
* **Phase 10. Dispute.**
- ___Request Verbs.___ DISPUTE.
- ___Additional Parties.___ INDEPENDENT THIRD-PARTY.
- ___Active Verbs.___ ARBITRATE.
----
[ARTICLE ENDS HERE]
----
# Holistic Credibility Lifecycle
(Chris' Previous Draft)
1. **Assertions Declared**
- **Description**: Establish the starting point by making statements or claims about the data asset, portions of which are then declared publicly or disclosed to another party and the remainder of which (for instance for elided or encrypted data) is defined through the establishment of a path to a process to obtain the missing data. This step lays the groundwork for subsequent evaluations.
- **Etymology:** The term "assert" comes from the Latin "assertus," meaning "to claim," and "declare" comes from "declarare," meaning "to make clear." This phrase emphasizes the initial step of publicly or officially stating and clarifying key claims or intentions, setting a transparent foundation for subsequent processes.
- **Action**: The creators of the data asset make initial assertions and declarations about it.
- **Process**: Publicly or officially declare and commit to the statements or claims, ensuring transparency and to set expectations.
- **Success**: Sufficient initial assertions, claims and declarations are formally documented and available, providing a clear starting point for further evaluation.
- **Actors:** Committed-by, Created-by
- **Key Terms**: inception, commit, initial claim, public declaration
- **Use Cases**:
- **Software Supply Chain**: Assert the existence and purpose of a repository, declaring the initial commit and its purpose. Declare the introduction of a new revision to the repository in fulfillment of that purpose.
- **Journalistic Integrity**: Announcing the start of an investigation, detailing the intended scope and objectives. Declaring the creation of a new report or article, asserting the sources and initial findings.
- **Wellness Data**: Declaring the beginning of a new health study, specifying the data to be collected and its goals. Assert the collection of wellness data from a specific device, declaring its origin and intended use.
- **Educational Credentials**: Announcing the launch of a new certification program, detailing the curriculum and expected outcomes. Declaring the issuance of a new diploma or transcript, asserting its contents and the achievement it represents.
2. **Integrity Assessed**
- **Description**: Ensures that the data’s format and structure are intact and unaltered from their origin and sufficiently whole, providing a baseline check for data integrity. This step follows declarations and assertions to ensure the foundational structure is correct.
- **Etymology:** This term refers to the process and outcome of evaluating the wholeness, completeness, and unimpaired state of systems or processes. The term "integrity" comes from "integritas," meaning "whole" or "untouched," indicating a state of being complete and unaltered. "Assessed" is derived from the Latin "assidere," meaning "to sit by" or "assist in judging," which implies evaluating or estimating the nature, quality, or ability of something. Together, "Integrity Assessed" emphasizes the careful examination and judgment to confirm that all elements are intact, reliable, and unblemished.
- **Action**: Data assessment including structural checks on the data and its consistency based on historical data.
- **Process**: Perform thorough checks to ensure the data's structure and format are intact, unaltered, and meet expected standards.
- **Success**: The foundational structure and integrity of the data are confirmed, ensuring it is well-formed and free from corruption.
- **Key Terms**: data integrity, structure consistency
- **Use Cases**:
- **Software Supply Chain**: Run checks to verify that a repository's files and metadata are uncorrupted from their origin, ensuring the integrity of the source code. Check the formatting of source code and metadata to ensure they match the requirements of the repository.
- **Journalistic Integrity**: Assess the file integrity of the sources of media content to ensure videos and images have not been tampered with. Assess the structure and format of changes to the source material to ensure that any alterations have been declared, to maintain the transparency of journalistic materials.
- **Wellness Data**: Assess the structure and format of wellness data, such as health metrics from wearables, to ensure the data has not been tampered with, preserving its accuracy. Ensure the accuracy of sensor data from fitness devices by analyzing the data format and integrity. Ensure that best practices of privacy (elision, encryption, or differential privacy) for the safety of the individual are met.
- **Educational Credentials**: Assess the structure and format of educational credentials to ensure that transcripts, grades, diplomas, and completion certificates are correctly formatted and unaltered. Check that sufficient claims are included to make it possible to confirm their legitimacy.
3. **Cryptographically Verified**
- **Description**: This step follows foundation verification and adds a layer of security. It uses cryptographic proofs and secrets, such as signatures, timestamps, and zk-proofs, to verify data and offer a secure method for ensuring not only that the data has not been altered, but that it is associated with the issuer of the assertion.
- **Etymology**: This term refers to the process and outcome of using cryptographic techniques to ensure the authenticity, integrity, and non-repudiation of data or transactions. "Cryptographic" comes from the Greek "kryptós," meaning "hidden" or "secret," combined with "graphia," meaning "writing." The term "verify" is derived from the Latin "verificare," meaning "to make true." Together, "Cryptographically Verified" emphasizes the use of advanced cryptographic methods to confirm the truth and accuracy of information, ensuring it is genuine, unaltered, and secure.
- **Action**: Data creators or authorized signers apply cryptographic verification.
- **Process**: Implement cryptographic signatures to ensure data authenticity and integrity, securing the data against tampering.
- **Success**: The data is cryptographically verified, confirming its authenticity and integrity through secure signatures.
- **Key Terms**: Cryptographic signature, Data authenticity
- **Use Cases**:
- **Software Supply Chain**: Using cryptographic signatures to sign commits, tags, releases, and other metadata, ensuring that all changes are verified, and enabling further validation of the commit history. Signing software packages and binaries with cryptographic signatures to ensure their authenticity and integrity.
- **Journalistic Integrity**: Media devices can sign their digital artifacts and sources with cryptographic proofs and timestamps to establish provenance, and journalists can annotate and sign their changes to source material and their contributions. Using digital signatures for emails and communications to verify the authenticity of sources and documents.
- **Wellness Data**: Using cryptographic signatures to sign wellness data entries, ensuring that health data from wearables and other devices can be verified for authenticity and integrity. Implementing blockchain technology to log and verify wellness data entries, enhancing data security.
- **Educational Credentials**: Using digital signatures to sign educational credentials, ensuring that diplomas and transcripts can be verified as authentic by employers and other educational institutions. Embedding cryptographic seals in digital badges and certificates to confirm their authenticity.
4. **Trust Aggregated**
- **Description**: Involves collecting declarations of trust from various sources, preparing them for further authentication. This step follows cryptographic verification and involves gathering and compiling evidence, endorsements, and trust indicators from multiple origins to form a comprehensive view of trustworthiness to inform subsequent processes.
- **Etymology:** The term "trust" originates from the Old Norse "traust," meaning "confidence" or "protection." "Aggregated" comes from the Latin "aggregare," meaning "to collect" or "to bring together." Together, "Trust Aggregated" emphasizes the gathering and synthesis of diverse trust data, providing a holistic picture of credibility and reliability, rather than making a binary judgment.
- **Action**: Ecosystem participants collect and aggregate trust declarations.
- **Process**: Gather trust declarations from various sources according to the trust model, consolidating them for further verification.
- **Success**: Trust declarations are aggregated, providing a comprehensive view of trust from multiple sources.
- **Key Terms**: Trust declaration, Trust model
- **Use Cases**:
- **Software Supply Chain**: Aggregating trust declarations in the public keys of known contributors, preparing them for further authentication. Collecting trust declarations from external libraries and dependencies to ensure their reliability.
- **Journalistic Integrity**: Collecting trust declarations from a network of trusted journalists and sources, laying the foundation for subsequent authentication. Aggregating endorsements from reputable news organizations to build a network of trusted contributors.
- **Wellness Data**: Aggregating trust declarations in the public keys of wellness data providers and entities, setting the stage for further verification. Collecting trust ratings from users and professionals to validate the reliability of wellness devices and apps.
- **Educational Credentials**: Collecting trust declarations in the public keys of educational institutions and issuing authorities, preparing for further authentication. Aggregating endorsements from recognized accreditation bodies to verify the credibility of new educational programs.
5. **Community Authenticated**
- **Description**: Involves authenticating identities and sources through peer verification mechanisms, ensuring the authenticity of contributors. This step follows trust aggregation and adds another layer of trust.
- **Etymology:** The term "community" comes from the Latin "communitas," meaning "a fellowship" or "a group with a common interest." "Authenticated" is derived from the Greek "authentikos," meaning "real, genuine," combined with the Latin "authenticare," meaning "to prove genuine." Together, "Community Authenticated" emphasizes the collective efforts of a community or ecosystem to verify and endorse the authenticity and reliability of information of its members, leveraging the wisdom and scrutiny of peers to ensure trustworthiness.
- **Action**: Community networks authenticate through peer-to-peer mechanisms. Hierarchical networks authenticate with higher authorities.
- **Process**: Use previous history, peer review, trust frameworks and other authentication systems to authenticate and endorse contributors, verifying their authenticity.
- **Success**: The contributors are community authenticated, confirming their legitimacy and trustworthiness.
- **Key Terms**: Peer authentication, Community trust
- **Use Cases**:
- **Software Supply Chain**: Using trust frameworks, trusted identity systems, or community-based peer review to authenticate and endorse contributors, ensuring that only verified contributors can make changes. Implementing code review systems where peers authenticate the quality and security of contributions.
- **Journalistic Integrity**: Journalists can authenticate their identities and sources through peer verification mechanisms, enhancing the credibility of their reports. Utilizing a peer network to validate the authenticity of freelance journalist submissions before publication.
- **Wellness Data**: Verifying the authenticity of wellness data providers and devices through trusted reviews and endorsements, ensuring data accuracy and reliability. Using community ratings and feedback to authenticate the effectiveness and reliability of health apps and devices.
- **Educational Credentials**: Authenticating the issuing authorities and institutions of educational credentials through trusted third parties or peer networks, ensuring the legitimacy of the credentials. Peer-reviewed accreditation processes to authenticate new educational programs and certifications.
6. **Compliance Validated**
- **Description**: Ensures that the authenticated data is accurate, reliable, and meets predefined criteria, readying it for final approval. This step follows community authentication and evaluates compliance with standards.
- **Etymology:** From "compliāre," combining "com-" (with, together) and "plēre" (to fill). The term "validate" comes from the Latin "validare," meaning "to make strong, confirm." Thus this phrase emphasizes the thorough evaluation and affirmation that all requirements have been satisfactorily met.
- **Action**: Compliance officers assess compliance with standards.
- **Process**: Evaluate whether the authenticated data meets the necessary standards, policies, and requirements, ensuring adherence to expected criteria.
- **Success**: Compliance is assessed, confirming that the data or credentials meet all necessary standards and requirements.
- **Key Terms**: Compliance, Standards evaluation
- **Use Cases**:
- **Software Supply Chain**: Assessing if authenticated commits meet the organization’s security policies before merging them, ensuring that all contributions comply with security standards. Evaluating software dependencies and libraries to ensure they comply with licensing and security standards.
- **Journalistic Integrity**: Assessing the credibility and safety of sources and information before publication, ensuring that all information is reliable and safe to share. Reviewing articles for adherence to ethical guidelines and factual accuracy before publishing.
- **Wellness Data**: Assessing if wellness data meets the necessary privacy and accuracy standards before it is used for health monitoring or research, ensuring data integrity. Evaluating health data against regulatory standards to confirm compliance before using it in medical studies.
- **Educational Credentials**: Assessing if educational credentials meet the necessary standards and verification requirements before they are accepted by employers or other institutions, ensuring the qualifications are valid. Reviewing the curriculum and accreditation of educational programs to ensure they meet industry standards.
7. **Independently Endorsed**
- **Description**: Involves obtaining additional credibility through endorsements from reputable and impartial third parties, ensuring the reliability and acceptance of the data or credentials. This step can follow full authorization and provides an extra layer of assurance.
- **Etymology:** "Independently" is derived from the Latin "independens," meaning "not hanging from something," indicating a state of being free from outside control or influence. The term "endorse" comes from the Latin "indorsare," meaning "to put on the back," indicating support or approval. Together, "Independently Endorsed" signifies that assertions about data assets, processes and systems, have been reviewed and approved by recognized, reputable entities without bias, providing an extra layer of assurance and enhancing their credibility and acceptance.
- **Action**: Third-party validators obtain external endorsements.
- **Process**: Secure endorsements from reputable third parties to add credibility and ensure broader acceptance.
- **Success**: External endorsements are obtained, enhancing the credibility and acceptance of the data or credentials.
- **Key Terms**: Third-party endorsement, External validation
- **Use Cases**:
- **Software Supply Chain**: Obtaining endorsements from reputable third parties for the software’s integrity and security, providing additional assurance of quality. Receiving security certifications from independent auditors to validate software reliability.
- **Journalistic Integrity**: Getting articles reviewed and endorsed by reputable fact-checking organizations to bolster credibility, ensuring the information is trustworthy. Receiving endorsements from recognized journalism boards to validate the accuracy and reliability of investigative reports.
- **Wellness Data**: Having wellness data reviewed and endorsed by recognized health organizations or researchers, adding credibility to the data. Securing endorsements from medical associations to validate the efficacy and safety of health tracking devices.
- **Educational Credentials**: Securing endorsements from recognized accreditation bodies for educational credentials to enhance their credibility and acceptance, ensuring the qualifications are respected. Obtaining third-party verification for international educational programs to confirm their equivalency and standards.
7. **Authorization Granted**
- **Description**: Provides formal acceptance and authorization to take action in regards to a data asset process after all necessary checks have been satisfactorily completed. This step follows compliance assessment and grants official approval to take an action.
- **Etymology:** This term refers to the process and outcome of formally granting permission or power to proceed with a specific action or use of data, systems, or processes. The term "authorization" comes from the Latin "auctorizare," meaning "to empower" or "to give authority." "Granted" is derived from the Old French "graanter," meaning "to consent" or "to approve." Together, "Authorization Granted" emphasizes the official approval and empowerment provided after thorough evaluation, ensuring that all necessary conditions and standards have been met to proceed confidently and securely to action.
- **Action**: Authorizing bodies grant full authorization.
- **Process**: Grant official acceptance and authorization after all prior integrity checks and trust verifications are completed, empowering the data or credentials for use.
- **Success**: Full authorization is granted, signifying that the data or credentials are ready for deployment or use.
- **Key Terms**: Formal approval, Full authorization
- **Use Cases**:
- **Software Supply Chain**: Authorizing the deployment of a release candidate after ensuring all prior levels of integrity checks and trust verifications have been satisfactorily completed, indicating readiness for release. Officially approving software updates after all security and functionality checks have been completed.
- **Journalistic Integrity**: Publishing an article after verifying all sources and information through a robust, multi-step process, ensuring the accuracy and credibility of the published material. Approving investigative reports for publication after thorough fact-checking and editorial review.
- **Wellness Data**: Using wellness data for health interventions or studies after verifying all data integrity and trust requirements have been met, ensuring the data is reliable for critical decisions. Authorizing the use of fitness app data in clinical trials after confirming data integrity and privacy compliance.
- **Educational Credentials**: Accepting and recognizing educational credentials for job applications or further education after verifying all integrity and trust requirements, ensuring the credentials are valid and recognized. Officially recognizing online course certifications after verifying their accreditation and curriculum standards.
### Source of Terminology
1. **Asserted**: Refers to the act of confidently stating or claiming something without immediate proof. Rooted in the Latin "assertus," from "asserere" (to claim, affirm), combining "ad-" (to) and "serere" (to join, attach). This initial step forms the basis for further validation and scrutiny, preceding formal declaration and assessment.
1. **Declared**: Involves making an official or public announcement of a statement or position. Derived from the Latin "declarare" (to make clear), combining "de-" (thoroughly) and "clarare" (to make clear). Following an assertion, this step brings the statement into the public domain, setting the stage for assessment and verification.
1. **Integrity**: Refers to the state of being whole, complete, and unimpaired. Derived from the Latin "integritas" (whole, untouched), integrity involves upholding high standards and consistency in actions and values, reflecting an unwavering commitment to ethical principles over time.
1. **Assessed**: Means to evaluate or estimate the nature, quality, or ability of something. From the Latin "assessus," past participle of "assidere" (to sit by, assist in judging), combining "ad-" (to) and "sedere" (to sit). This evaluation step provides the groundwork for verification and validation, often preceding these steps.
1. **Verified**: Refers to the act of checking for accuracy or truth to ensure correctness. Stemming from the Old French "verifier," from Latin "verificare" (to make true), from "verus" (true). This step ensures that the assessed information is accurate and reliable, following assessment and preceding proving.
1. **Proved**: Means to demonstrate something to be true or valid through evidence or argument. Originates from the Middle English "prever," from Latin "probare" (to test, approve), from "probus" (good). This step solidifies correctness with evidence, often following verification and paving the way for validation.
1. **Validated**: Refers to proving that something meets specific criteria or standards, stronger than verification. From the Latin "validare" (to make strong, confirm), from "validus" (strong, valid). Following verification and proving, this step ensures compliance with required standards, leading to confirmation.
1. **Confirmed**: Involves strengthening or establishing something as true, often following verification and validation. From the Old French "confirmer," from Latin "confirmare" (to strengthen, establish), combining "com-" (together) and "firmare" (to make firm). This step reinforces the truth established by prior steps, preparing for certification.
1. **Certified**: Means to be officially recognized as possessing certain qualifications or meeting standards. Originates from the Old French "certifier," from Latin "certificare" (to certify), combining "certus" (certain) and "facere" (to make). Following validation and confirmation, this step provides formal recognition, leading to approval.
1. **Approved**: Refers to being officially accepted as satisfactory. From Old French "aprover," from Latin "approbare" (to assent to as good), combining "ad-" (to) and "probare" (to test, prove). This step indicates formal acceptance after evaluation, often following assessment, validation, and certification, and preceding endorsement.
1. **Endorsed**: Involves public or official support. From the Old French "endosser" (to put on the back), from Latin "indorsare," combining "in-" (on) and "dorsum" (back). Often following approval, this step provides additional backing, leading to accreditation.
1. **Accredited**: Means to be officially recognized or authorized by a formal authority. From the Latin "accreditare" (to give credit to), from "ad-" (to) and "credere" (to believe). Typically following certification and sometimes endorsement, this step provides formal authorization, often leading to authentication.
1. **Authenticated**: Refers to proving something to be genuine. From Medieval Latin "authenticatus," past participle of "authenticare" (to authenticate), from "authenticus" (genuine, original). Often the final step in proving genuineness, this step confirms the authenticity of an object or statement, preceding authorization.
1. **Authorized**: Involves granting official permission or power to proceed or act. From Old French "auctoriser," from Latin "auctorizare" (to empower), from "auctor" (author, originator). This step, generally the final one, allows action to proceed, following all previous steps to provide official permission or power.
## Terms (by process order and strength of credibility)
1. **Asserted**: The initial claim or statement.
2. **Declared**: An official or public announcement, potentially an initial stage.
3. **Integral**: Complete, whole.
4. **Assessed**: Evaluated for initial qualities or value, often precedes other steps.
5. **Verified**: Checked for accuracy or truth, ensures correctness.
6. **Proved**: Demonstrated to be true or valid, often following verification.
7. **Validated**: Proved to meet criteria or standards, stronger than verification.
8. **Confirmed**: Strengthened or established as true, often follows verification and validation.
9. **Certified**: Officially recognized as possessing certain qualifications or meeting standards, typically following validation and confirmation.
10. **Approved**: Officially accepted as satisfactory, following assessment and validation.
11. **Endorsed**: Publicly or officially supported, often follows approval.
12. **Accredited**: Officially recognized or authorized by a formal authority, typically following certification and sometimes endorsement.
13. **Authenticated**: Proved to be genuine, confirming authenticity, often final step.
14. **Authorized**: Granted official permission or power, allowing action to proceed, generally final in a process requiring approval.
Uncategorized terms
### Source of Terminology
1. **Credible**: Means capable of being believed or trusted. Rooted in the Latin "credibilis," from "credere" (to believe). This characteristic indicates the potential for belief, suggesting reliability and trustworthiness in information or sources, and is often a prerequisite for further validation and confirmation.
1. **Reputation**: Refers to the beliefs or opinions that are generally held about someone or something. Derived from the Latin "reputationem" (a consideration, reflection), from "reputare" (to think over), combining "re-" (again) and "putare" (to think). This collective assessment reflects the cumulative perception of reliability and trustworthiness over time.
1. **Repute**: Means the opinion generally held of someone or something; the state of being highly regarded. From the Latin "reputare" (to think over), with a similar etymological root as reputation. This term emphasizes the esteem and regard held by others, often based on observed behavior and past performance.
1. **Certainty**: Refers to the state of being completely confident or having no doubt about something. Derived from the Old French "certainete," from Latin "certitudo" (certainty), from "certus" (sure, fixed). This final state represents the culmination of assurance and confidence, often following thorough verification and validation processes.
1. **Veracity**: Refers to the accuracy, truthfulness, and correctness of something. Derived from the Latin "veracitas," from "verax" (true), which is from "verus" (true). This term emphasizes adherence to truth and accuracy, serving as a critical measure in the evaluation and validation of information.
1. **Reliable**: Means consistently good in quality or performance; able to be trusted. From the Latin "re-" (back) and "ligare" (to bind), suggesting something that can be depended upon due to its proven consistency and trustworthiness. This characteristic is essential in establishing credibility and trust over time.
1. **Genuine**: Refers to being truly what something is said to be; authentic. From the Latin "genuinus" (native, natural), from "genu" (knee), metaphorically indicating something innate or inherent. This term underscores authenticity and truth, often verified through careful examination and validation processes.
====
# Are there Six Levels of Integrity in Progressive Trust?
This Six Levels of Integrity model provides a structured approach to ensuring the trustworthiness and security of data assets through progressively rigorous validation and verification steps. This framework supports progressive trust, which is essential for various applications.
#### 1. Structure-Validated
- **Actor**: Data creator
- **Action**: Data creation
- **Process**: Validate Structure
- **Success**: Structure Validated
- **Definition**: Ensures the integrity of data assets by validating the format and structure of all elements to ensure they are well-formed and uncorrupted. This provides a baseline check to confirm that the content and metadata are intact and have not been corrupted.
- **Key Terms**: Data integrity, Structure consistency
- **Use Case: Software Supply Chain**: Running checks to verify that a repository's files and metadata are uncorrupted from origin.
- **Use Case: Journalistic Integrity**: Validating the structure and format of equipment & software used to create digital documents and to ensure they have not been altered.
- **Use Case: Wellness Data**: Validating the structure and format of wellness data, such as health metrics from wearables, to ensure the data has not been tampered with.
- **Use Case: Educational Credentials**: Validating the structure and format of educational credentials to ensure that transcripts with class details, grades, diplomas, and completion certificates are correctly formatted and unaltered.
#### 2. Proof-Asserted
- **Actor**: Data creator including equipment
- **Action**: Data creation
- **Process**: Assert Proof
- **Success**: Proof Asserted
- **Definition**: Involves the inclusion of cryptographic provenance assertions, such as digital signatures and timestamps, necessary to prove the origin and authenticity of each data element in the future. It ensures that every piece of data can be verified as authentic and unaltered from its original state.
- **Key Terms**: Digital signature, Provenance, Cryptographic proof
- **Use Case: Software Supply Chain**: Using cryptographic signatures to sign commits, tags, releases, and other metadata, enabling further validation of the commit history.
- **Use Case: Journalistic Integrity**: Media devices can sign their digital artifacts and sources with cryptographic proofs and timestamps to establish provenance. Journalists can annotate and sign their changes to source material and their contributions.
- **Use Case: Wellness Data**: Using cryptographic signatures to sign wellness data entries, ensuring that health data from wearables and other devices can be verified for authenticity and integrity.
- **Use Case: Educational Credentials**: Using digital signatures to sign educational credentials, ensuring that diplomas and transcripts can be verified as authentic by employers and other educational institutions.
#### 3. Trust-Declared
- **Actor**: Ecosystem participant
- **Action**: Participant assessment
- **Process**: Declare Trust
- **Success**: Trust Declared
- **Definition**: Declaring trust in the public keys and identities involved in the data without full endorsement, and collecting additional proofs. This involves acknowledging the presence of trusted entities associated with the keys.
- **Key Terms**: Public keys, Identity declaration, Trust assertion
- **Use Case: Software Supply Chain**: Declaring trust in the public keys of known contributors.
- **Use Case: Journalistic Integrity**: Establishing a network of trusted journalists and sources where each participant vouches for the credibility of others.
- **Use Case: Wellness Data**: Declaring trust in the public keys of wellness data providers and entities, ensuring that data from trusted devices and sources is recognized and trusted.
- **Use Case: Educational Credentials**: Declaring trust in the public keys of educational institutions and issuing authorities, ensuring that credentials from these entities are recognized and trusted.
#### 4. Authentication-Verified
- **Actor**: ??? [see comment]
- **Action**: ???
- **Process**: Verify Authentication
- **Success**: Authentication Verified
- **Definition**: Verifying trust through trusted mechanisms such as peer endorsements, community reviews, or third-party verification. Public keys and identities of entities are authenticated and endorsed, providing a higher level of assurance.
- **Key Terms**: Authentication, Verification, Peer endorsement, Web of trust
- **Use Case: Software Supply Chain**: Using trust frameworks, trusted identity systems, or community-based peer review to authenticate and endorse contributors.
- **Use Case: Journalistic Integrity**: Journalists can authenticate their identities and sources through peer verification mechanisms.
- **Use Case: Wellness Data**: Verifying the authenticity of wellness data providers and devices through trusted reviews and endorsements, ensuring data accuracy and reliability.
- **Use Case: Educational Credentials**: Authenticating the issuing authorities and institutions of educational credentials through trusted third parties or peer networks.
#### 5. Authorization-Assessed
- **Actor:** Data Recipient
- **Action:** Risk Comparison
- **Process**: Assess Authorization
- **Success**: Authorization Assessed
- **Definition**: The relying party evaluates the provenance and trust information to determine if it meets their specific requirements for taking action. This involves assessing whether the verified trust aligns with organizational risk profiles, policies, and standards.
- **Key Terms**: Authorization, Policy compliance, Requirement evaluation
- **Use Case: Software Supply Chain**: Assessing if authenticated commits meet the organization’s security policies before merging them.
- **Use Case: Journalistic Integrity**: Assessing the credibility and safety of sources and information before publication.
- **Use Case: Wellness Data**: Assessing if wellness data meets the necessary privacy and accuracy standards before it is used for health monitoring or research.
- **Use Case: Educational Credentials**: Assessing if educational credentials meet the necessary standards and verification requirements before they are accepted by employers or other institutions.
#### 6. Action-Approved
- **Actor:** Data Recipient
- **Action:** Data Usage
- **Process**: Approve Action
- **Success**: Action Approved
- **Definition**: At this final level, the provenance and trust information fully meet the necessary requirements, and authorization is granted for specific actions. This is the decision point where the relying party approves the integration or deployment of the content based on comprehensive integrity checks in order to make use of it.
- **Key Terms**: Action approval, Data publication, Decision-making, Trust fulfillment
- **Use Case: Software Supply Chain**: Approving the deployment of a release candidate after ensuring all prior levels of integrity checks and trust verifications have been satisfactorily completed.
- **Use Case: Journalistic Integrity**: Publishing an article after verifying all sources and information through a robust, multi-step process.
- **Use Case: Wellness Data**: Using wellness data for health interventions or studies after verifying all data integrity and trust requirements have been met.
- **Use Case: Educational Credentials**: Accepting and recognizing educational credentials for job applications or further education after verifying all integrity and trust requirements.
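The software supply chain use case can be walked through all six levels as a sequence of gates, where failing one level blocks every later one. The sketch below is an added example, not Blockchain Commons code: the envelope format, key ids, endorsement map and policy thresholds are assumptions, all sample data is constructed, and HMAC-SHA256 stands in for a real digital signature so the block runs offline with the standard library.

```python
import hashlib, hmac, json

LEVELS = ["Structure-Validated", "Proof-Asserted", "Trust-Declared",
          "Authentication-Verified", "Authorization-Assessed", "Action-Approved"]

def sign(key: bytes, payload: bytes) -> str:
    # Stand-in: HMAC-SHA256 replaces a real digital signature (assumption).
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def make_envelope(payload: str, signer: str, key: bytes) -> str:
    # Hypothetical envelope: payload, its digest, and the creator's proof.
    body = payload.encode()
    return json.dumps({"payload": payload, "digest": hashlib.sha256(body).hexdigest(),
                       "signer": signer, "signature": sign(key, body)})

def evaluate(envelope, keyring, declared, endorsements, policy, action):
    """Return (levels reached, reason); a failed level blocks all later ones."""
    reached = []
    # 1. Structure: well-formed JSON whose digest matches the payload.
    try:
        env = json.loads(envelope)
        body = env["payload"].encode()
        intact = hmac.compare_digest(hashlib.sha256(body).hexdigest(), env["digest"])
    except (ValueError, KeyError, TypeError, AttributeError):
        intact = False
    if not intact:
        return reached, "malformed or corrupted envelope"
    reached.append(LEVELS[0])
    # 2. Proof: a signature is present and verifies under the signer's key.
    signer, sig = env.get("signer"), env.get("signature")
    key = keyring.get(signer) if isinstance(signer, str) else None
    if key is None or not isinstance(sig, str) or not sig.isascii() \
            or not hmac.compare_digest(sign(key, body), sig):
        return reached, "missing or invalid proof"
    reached.append(LEVELS[1])
    # 3. Trust: the relying party has declared trust in this key.
    if signer not in declared:
        return reached, "signer key not declared trusted"
    reached.append(LEVELS[2])
    # 4. Authentication: an independent, already-trusted peer endorses the key.
    peers = (endorsements.get(signer, set()) & declared) - {signer}
    if not peers:
        return reached, "no endorsement from a trusted peer"
    reached.append(LEVELS[3])
    # 5. Authorization: the verified trust meets the policy for this action.
    need = policy.get(action)
    if need is None or len(peers) < need:
        return reached, "policy requirement not met for " + action
    reached.append(LEVELS[4])
    # 6. Action: decision point, reached only when every earlier level held.
    reached.append(LEVELS[5])
    return reached, "approved: " + action

# Constructed sample data: key ids, keys, payload and policy are illustrative.
KEYRING = {"alice": b"alice-demo-key", "bob": b"bob-demo-key", "mallory": b"mallory-demo-key"}
DECLARED = {"alice", "bob"}                    # keys the relying party trusts
ENDORSEMENTS = {"alice": {"bob", "mallory"}}   # key id -> who endorses it
POLICY = {"merge": 1, "deploy": 2}             # action -> trusted endorsers required
RELEASE = make_envelope("release v1.2.0 tree=abc123", "alice", KEYRING["alice"])
```

Only endorsers the relying party has already declared trust in count toward level 4, which is why the same release passes the `merge` policy but stops at level 4 for `deploy`.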
--
Later steps: [?]
7. [?] Third party packaging [e.g., AP], though there's some [but not full] overlap with #6
7. [?] Third party assessment [e.g., Snopes]
===