This document is aimed at creating aims to create the necessary conditions for trust between federation members regarding in the handling and transmission of digital electronic assertions that form the basis for access for by users and technical actors (such as APIs, systems, and machine entities) in a privacy-preserving manner. It specifies the requirements that must be fulfilled by the federation members and other trusted parties. The These requirements cover information security, technical and organisational safeguards, internal governance and control, identity and attribute management, and incident management.

This Trust Framework applies to all federation parties that are subject to a federation policy implementing that implements the requirements set out in this Trust Frameworkherein.

Content in Swedish.

Tillitsramverk för Svenska federationer

  Internetstiftelsens_tillitsramverk-Svenska_federationer-1.0.pdf

...