Trustworthy Components

TDL is a place where members exchange ideas, about leading edge technology, methodologies and services. Sometimes this leads to bilateral business contacts. It can also provide leads for new insights and innovation. The association has created several vehicles to achieve these ambitions:

Each of these collaborative activities involve more than one TDL member working together over a specified period of time with a clearly defined set of deliverables.


TDL’s developed a generic trust architecture as part of an EC-funded project (ATTPS) that defines requirements, functionalities and a set of building blocks and core components to deliver the main targeted functionalities for trustworthy services, including mobile service and platform integrity, trusted stack and data life cycle management.

TDL members can offer, use and validate trustworthy elements (e.g. technology components) and have the possibility to “play around” with technology that is offered and provide feedback to the element provider (i.e. the publisher). The requirements for element publishers to deploy trust elements for download are the provision of a stand-alone service element, first level support, and optional online questionnaires to be filled in by users to gain insights. Each element is evaluated by a TDL committee for final deployment approval.

The motivation for this activity comes from the three complementary perspectives of technology, legal and business, for:

  • Technology parties to deploy their applications or concepts in a regulated and trusted environment to receive feedback on different aspects of functionality.
  • Developers to identify bottlenecks (technical, legal, business models) hampering adoption. It is better to identify these in this generic fashion in order improve their usability in trustworthy ICT solutions.
  • Element providers to receive more insights to support their investment decisions and receiving valuable feedback on user requirements,

The overall concept is to provide validation of the overall technology, concepts and generic architecture to provide input for standardisation bodies on a European level such as ITU-T SG 17, ISO/IEC/JTC1/SC27, ETSI, ENISA, 3GPP SA3 etc.

Access Control: enables to manage specific permissions and policies to resources allowing different access levels to users.

Identity Management: covers a number of aspects involving users’ access to networks, services and applications.

Security Monitoring: active observation of the security state of an ICT system, detecting potential attacks or…

Trustworthy Data Storage: guarantees that the original data is not altered, it relies on automatic data encryption with…

Trustworthy Data Processing: guarantees that the used hardware and software is in fact processing the data in a way it was…

Data Privacy: terms and conditions should be detailed to the end user in simple terms that they understand how…

Consent: explicit permission by the user to a specific request formulated in a clear and easy to understand…

E-signing: scheme for demonstrating the authenticity of a digital message or document, indicating it has…

Offboarding: de-provisioning of credentials and revoking of access privileges when the user is no longer part…

Onboarding: obtain correct user credentials to enroll into the service in an easy and secure manner leverage…

Strong Authentication: mechanism to confirm the truth of an attribute of a single piece of data using multiple factors from…

Trustworthy Infrastructure / Cloud: additional set of components on top of the basic infrastructure/cloud, working together to enable…

Trustworthy Factory: focuses on processes offered to stakeholders (designers, developers, customers) to ensure…