Page 238 - Trust in ICT 2017
P. 238
4 Trust in ICT
The keywords “is required to” indicate a requirement which must be followed and from which no deviation
is permitted if conformance to this document is to be claimed.
The keywords “is recommended” indicate a requirement which is recommended but which is not absolutely
required. Thus this requirement need not be present to claim conformance.
The keywords “can optionally” and “may” indicate an optional requirement which is permissible, without
implying any sense of being recommended. These terms are not intended to imply that the vendor’s
implementation must provide the option and the feature can be optionally enabled by the network
operator/service provider. Rather, it means the vendor may optionally provide the feature and still claim
conformance with the specification.
6 Necessity of trusted environment in ICT infrastructure
Due to the development of information technology and future networks where the number of entities and
their interactions (e.g., "human to human", "human to machine", "machine to machine", etc.) increases
significantly. In any uncertain circumstance, people need to be able to predict the results of these interactions
especially with the entities they cannot control remotely. To provide the desired level of confidence and
protection it is necessary to conduct a complex of special technical and organizational measures. One of the
possible ways is to create trusted environment in ICT infrastructure.
The globalization and the widespread of information technologies leads to the displacement of the context
of trust by special technological means. Therefore, ICT infrastructure needs to play an important role for
building up trusted environment with interoperability and information security. In addition, ICT infrastructure
needs trust between interacting parties under a high level of responsibility in resource-limited environment
(e.g., to save human lives for the case of emergencies).
Trusted environment in ICT infrastructure is necessary for social, critical and life-demand services (e.g., e-
government, e-commerce, e-health, etc.). For such services establishing of trust between service provider
and consumers may solve problems of fraud and increase availability of services.
In summary, creating trusted environment in ICT infrastructure allows interacting entities to predict the
results of interactions and excludes risks caused by the growing number of interactions and the lack of its
context while providing interoperability and information security.
7 Requirements of trusted environment in ICT infrastructure
Trusted environment in ICT infrastructure must meet the following requirements:
Predictability
• All participants interacting within trusted environment are required to be equipped with the
capability to predict the outcome of the interactions in order to reduce the risks of negative
consequences caused by the inappropriate behavior of any participants.
• For this, ICT infrastructure used for trusted environment is required to meet a certain level of quality.
• Handy user interfaces and systems of accesses to trusted environment are recommended to be
provided for participants to improve predictability by using comfortable and familiar methods of
interaction each time.
Information security
• It is required to provide confidentiality, integrity and the availability of information as well as the
absence of misinformation (spam, etc.) for all participants interacting within trusted environment.
• Each participant is required to be verified for compliance with the common minimal security
requirements.
• Minimal security requirements for trusted environment in ICT infrastructure are required to be
developed for all security dimensions [b-ITU-T X.805] with the goal to provide electronic exchange
of information in trusted environment with the same level of trust in a non-electronic interaction.
230
