DID Security and Trust Profile
Vertical standards for security requirements
What does the work you will carry out for the CYBERSTAND SSP consist of?
In this project, I work on a "DID Security and Trust Profile" which enhances security and trust in Decentralized Identifier (DID) technology. This is filling an important gap, since DIDs are already being widely used for digital identity ecosystems in Europe and around the world. While DIDs themselves have already been standardized, there have been only sporadic extensions or profiles specifically dedicated to security and trust aspects of DIDs. This specification covers a set of such aspects in a consolidated way, enabling DID implementers to make their infrastructures more secure and trustworthy.
What is the expected result and impact of this activity?
The expected result will be a "DID Security and Trust Profile" document. This work will benefit many decentralized digital identity initiatives in Europe and around the world, including the EUDI Wallet initiative, EBSI, Gaia-X, Digital Product Passports, and others.
Which aspects of the Cyber Resilience Act (CRA) standardisation are you focusing on?
VERTICAL STANDARDS FOR SECURITY - 16. Standards on cybersecurity requirements for identity management systems and privileged access management software and hardware
