Trust Framework

Rely on Us

Going Beyond User Names and Passwords.

Using encryption and credentials is confusing and complicated. How do you know someone is who that person claims to be?

The health community is always under pressure to adopt the most stringent security and privacy rules. Businesses and agencies require more critical information exchanges than ever.

It's easy to rely on a credential that lacks identity proofing and rigor. So it's essential to know who issued the credentials being used to access your applications and information, so you don't make that mistake.

SAFE Identity enables a wide adoption of military-grade Public Key Infrastructure (PKI) to to facilitate the use of strong digital identities. We achieve this by effectively and thoroughly managing the challenges of a relying party so you don’t have to.

A Framework of Trust

Trust is hard. A framework establishes a foundation for agreement.

Knowing who to trust is always challenging. In our personal lives, we reference our relationships to establish it. Things work the same in the digital domain.

We have always relied on trusted relationships to set policies and provide services that hold and account for critical security assets. Sharing these assets is required among those who wish to validate identities to exchange information and make binding agreements. These roles are just as necessary in the digital world as they are in the physical. In the digital world, these roles are the foundations of a Trust Framework. SAFE Identity is a trust framework provider that focuses on the health community.

Trust must be shared fairly and equally. You need an authority to grant it.

Authority is best granted to an informed, independent party whose best interest is served by being impartial. That party should maintain the rules and have the ability to enforce them. The rules of trust should be agreed to by all parties who have a material interest in them.

SAFE Identity is a Bridge Certificate Authority. We federate Certificate Authorities, using, cryptography and mapping Certificate Policies, of credential providers back to our own set of commonly agreed bridge certificate policies. We enable credential providers to work under a common and agreed–to set of rules for operating in our trusted environment.

Policy Management Authority

The SAFE Identity Policy Management Authority is an independent group of aligned security experts from the health community that governs our trust framework. The PMA defines the policies that are then mapped to the identity providers and tested to confirm compliance and interoperability.

The PMA is responsible for maintaining the documentation upon which the federated trust is based. It ensures continuing adherence to the membership's criteria of Federated Trust set by its members. It facilitates interoperability across the Federated Trust environment.

Each organization that is a SAFE Identity Bridge member has voting membership on the SAFE Identity PMA. All prospective members must undergo review by the PMA and a vote before being admitted to membership in the trust framework. In this manner, the SAFE Identity trust community maintains its high level of integrity and assures that the current membership is directly involved in federation decision-making.

Services to make the promise of cryptography happen

Policies, procedures, auditing, and testing are all essential. They still have to work. Execution matters to the people who need access. Valid credentials need to be accepted as quickly and accurately as non-conforming credentials are denied. Credentials that are compliant in one organization in the community should be equally accessible in another community organization.

Services like our Global encryption Directory and Federation Gateway ease the burdens of relying on credentials and identities across organizational borders. SAFE Identity allows community participants to engage in more secure exchanges with less complexity. We allow parties interested in the procurement of reliable credentials to access our public list of tested and approved identity providers at no cost.

Pulling it all together for a single source of reliability.

SAFE Identity brings the trust framework, Certificate authority, and federation-led policy management to enable robust and usable identity encryption.

If any two certificate authorities or applications are SAFE Identity compliant, they both have undergone interoperability testing. It doesn't matter which provider you choose underneath SAFE Identity; they all will work.

We enable companies to confidently purchase credentials from our list of approved Master Certificate Authorities because we've done the work to verify them. We conduct ongoing monitoring of our approved certification authorities. We connect and test them to our infrastructure so that interoperability is confirmed. Our federation members trust our methods. They can trust our approved certificate authorities and applications because our members define the rigorous testing procedures and compliance policies.