Date: Thu, 28 Mar 2024 12:37:58 +0000 (UTC) Message-ID: <285638363.3137.1711629478881@ea68ca05d35d> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_3136_1706351652.1711629478880" ------=_Part_3136_1706351652.1711629478880 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
As part of an initial and = ongoing governance process, Ecosystems must appropriately consider the risk= s affecting the set of transactions and credentials they are charged with g= overning. The attached matrix identifies risks related to digital ide= ntity and verifiable credentials at all layers of the ToIP stack:
|
|||||||
RISK | ToIP LAYER | TRUST AREAS AFFECTED | SEVERITY | LIKELIHOOD | RISK IMPACT | CONSIDERATIONS | |
Governance Authority Risks | |||||||
Lack of competence to perform role | Ecosystem | Governance | Need for experienced personnel, proper training = and governance framework | ||||
Lack of sufficient policy and practices | Ecosystem | Governance | Need for complete governance framework and feedb= ack look | ||||
lack of consistency in operating practices of ro= les | Ecosystem | Governance | Requires proper oversight and trust assurance me= chanisms | ||||
Lack of accountability of roles in network | Ecosystem | Governance | Requires proper oversight and trust assurance me= chanisms | ||||
Lack of communication about governance practices= | Ecosystem | Governance | Requires appropriate communication channels | ||||
Lack of appropriate authority | Ecosystem | Governance | Requires recognition and endorsement by relying = parties | ||||
Ineffective bias in authority | Ecosystem | Governance | Requires even representation, voting standards a= nd non-discrimination practices | ||||
Lack of Relying Party recognition | Ecosystem | Governance | Requires recognition and endorsement by relying = parties | ||||
Ecosystem Lacks Jurisdictional Acceptance | Ecosystem | Governance | Requires Mapping of Jurisdictional Regulation | ||||
Ecosystem Lacks Industry Acceptance | Ecosystem | Governance | Requires Mapping of Industry Regulation | ||||
Ecosystem Issues Trust Marks Inappropriately or = Without Basis | Ecosystem | Governance | Requires Adequate Trust Marks Policies | ||||
Ecosystem Allowing Inappropriate Actors to Parti= cipate in Network | Ecosystem | Governance | Requires Provider Evaluation and Acceptance Proc= esses | ||||
Ecosystem Inappropriately Blacklisting or White = Listing Other Ecosystems | Ecosystem | Governance | Requires Adequate Ecosystem Black and White List= ing Processing | ||||
Issuer Risks | |||||||
Credential Issued without sufficient basis | Data Exchange | Data Integrity | Requires training, trust assurance practices and= controlled practices | ||||
Credential Issued before appropriate proofing of= basis | Data Exchange | Data Integrity | Requires training, trust assurance practices, co= ntrolled practices and proper workflow | ||||
Credential Issued in the wrong format or structu= re | Data Exchange | Data Integrity | Requires standard formats and formatting control= s | ||||
Credential issued to impostors | Data Exchange | Security | Requires Trusted Issuers, trust assurance practi= ces | ||||
Credential Lacking Uniqueness | Data Exchange | Data Integrity | Requires Appropriate Credential Serialization | ||||
Credential Becoming Obsolete | Data Exchange | Data Integrity | Requires Appropriate Credential Validity Periods= | ||||
Lack of Credential Revocation | Data Exchange | Data Integrity | Requires Adequate Credential Status Checking Pro= cedures | ||||
Identity Proofing Practices Inadequate for Level= of Assurance | Data Exchange | Data Integrity | Requires Ecosystem Governance Conformance Proced= ures | ||||
Issuer Practices Not Accepted by Ecosystem = | Ecosystem | Governance | Requires Issuer Practice Conformance Procedures<= /td> | ||||
Issuer Operations Unavailable | Data Exchange | Availability | Requires Network Redundancy Procedures | ||||
Verifier Risks | |||||||
Lack of competence to perform role | Data Exchange | Governance | Requires training, trust assurance practices and= controlled practices | ||||
Lack of consistent verification practices | Data Exchange | Data Integrity | Requires training, trust assurance practices and= controlled practices | ||||
Missing verification | Data Exchange | Data Integrity | Requires training, trust assurance practices and= controlled practices | ||||
Untimely verification | Data Exchange | Data Integrity | Requires time-based controls | ||||
Evidence of verification incomplete or in incorr= ect format | Data Exchange | Data Integrity | Requires standard formats and formatting control= s | ||||
Verifier Practices Not Accepted by Ecosystem&nbs= p; | Ecosystem | Governance | Requires Verifier Conformance Procedures | ||||
Suspended Credential Being Accepted | Data Exchange | Data Integrity | Requires Adequate Credential Suspension Processe= s | ||||
Revoked Credential Being Accepted | Data Exchange | Data Integrity | Requires Adequate Credential Status Checking Pro= cedures | ||||
Man-In-The-Middle Attack During Legitimate Verif= ication | Data Exchange | Security | Requires Verifier Vulnerability Practices | ||||
Verifier Network Unavailable | Data Exchange | Availability | Requires Network Redundancy Procedures | ||||
Credential Registry Risks | |||||||
Lack of competence to perform role | Data Exchange | Governance | Requires training, trust assurance practices and= controlled practices | ||||
Unavailable registry | Data Exchange | Availability | Requires availability controls | ||||
Lack of appropriate access to registry | Data Exchange | Security | Requires appropriate access controls | ||||
Inappropriate access writes to registry | Data Exchange | Data Integrity | Requires appropriate access management controls<= /td> | ||||
Breach of registry | Data Exchange | Security | Requires appropriate security perimeter, breach = detection and notification controls | ||||
Exploited Use of Stolen Credentials | Data Exchange | Data Integrity | Requires Adequate Breach Notification Processes<= /td> | ||||
Credential Registry Not Accepted by Ecosystem&nb= sp; | Ecosystem | Governance | Requires Credential Verifier Conformance Procedu= res | ||||
Audit Accreditor Risks | |||||||
Insufficient vetting of auditor population | Ecosystem | Governance | Requires training, and generally accepted audito= r accreditor practices | ||||
Lack of competence to perform role | Ecosystem | Governance | Requires training, and generally accepted audito= r accreditor practices | ||||
Auditor Risks | |||||||
Lack of competence to perform role | Ecosystem | Governance | Requires training, sufficient experience and gen= erally accepted auditor practices | ||||
Credential Holder Risks | |||||||
Holder Threat of Litigation over Issuer | Data Exchange | Confidentiality | Proper Agreement in pace between Issuer and Hold= er detailing rights. | ||||
Counterfeit Credentials Being Created | Data Exchange | Data Integrity | Requires Adequate Credential Non-Repudiation Pra= ctices | ||||
Lack of Binding Between Holder and Credential | Data Exchange | Data Integrity | Requires Adequate Wallet Protection Measures | ||||
Credential Holder Given Inappropriate Access Rig= hts | Data Exchange | Security | Requires Adequate User Enrollment Processes | ||||
Imposter Using Valid Credential | Data Exchange | Security | Requires Adequate Wallet Protection Measures | ||||
Credential Wallet Private Key is Compromised | Data Exchange | Security | Requires Adequate User Wallet Protection Measure= s | ||||
Credential Holder's Private Data is Compromised<= /td> | Data Exchange | Privacy | Requires Adequate User Wallet Protection Measure= s | ||||
Lack of Portability of Credential | Data Exchange | Data Integrity | Requires Adequate Credential Interoperability Pr= actices | ||||
Lack of Credential Federation Across Ecosystems<= /td> | Ecosystem | Governance | Requires Adequate Credential Interoperability Pr= actices | ||||
Exploited Private PIN Code Capture | Data Exchange | Confidentiality | Requires Adequate Wallet Protection Measures | ||||
Social Engineering Attacks Successfully Gather C= redentials by Perpetrators | Data Exchange | Security | Requires Adequate Wallet Protection Measures | ||||
Provider Risk | |||||||
Provider Software Does not Operate as Intended= td> | Provider | Data Integrity | Requires Adequate Provider SDLC Processes | ||||
Provider Software Does Not Operate on User Devic= es | Provider | Data Integrity | Requires Adequate Provider SDLC Processes | ||||
Provider Code Updates Cause Operational Issues= td> | Provider | Data Integrity | Requires Adequate Provider SDLC Processes | ||||
Provider System Unavailable | Provider | Availability | Requires Adequate Provider Hardware Integration = Practices | ||||
Utility Risks | |||||||
Inconsistent Steward Acceptance Practices | Utility | Governance | Requires Adequate Utliity Steward Acceptance Pra= ctices | ||||
Stewards Not Abiding by Governance Practices | Utility | Governance | Requires Adequate Steward Conformance Practices<= /td> | ||||
Stewardship Not Available to Qualified Applicant= s | Utility | Governance | Requires Adequate Utliity Steward Acceptance Pra= ctices | ||||
Utility Not a Viable Going Concern | Utility | Governance | Requires Adequate Utility Monitoring Practices= td> | ||||
Utility Using an Ineffective Consensus Model | Utility | Governance | Requires Adequate Utility Monitoring Practices= td> | ||||
Utility Consensus Model Not Operating as Designe= d. | Utility | Governance | Requires Adequate Utility Monitoring Practices= td> | ||||
Utility Charging Inaccurate Fees For Service | Utility | Governance | Requires Adequate Utility Monitoring Practices= td> | ||||
Inadequate Number of Stewards for Consensus Prot= ocol | Utility | Governance | Requires Adequate Utility Monitoring Practices= td> | ||||
Inadequate Infrastructure Supporting Steward Ope= rations | Utility | Availability | Requires Adequate Steward Conformance Practices<= /td> | ||||
Inadequate Network Throughput Supporting Steward= Operations | Utility | Availability | Requires Adequate Steward Conformance Practices<= /td> | ||||
Inadequate Network Availability Supporting Stewa= rd Operations | Utility | Availability | Requires Adequate Steward Conformance Practices<= /td> |