The purpose of the Trust Working Group is to establish a system of trust labels and apply them to the various entities and packages in the FAIR ecosystem via a labelling system which will be required for all FAIR-Federated network nodes ("nodes" referring to anything connected, whether a Repository, Aggrigator, or Client).
The Trust WG is broadly responsible for refining and implementing Moderation in the FAIR Ecosystem.
- Define the set of business rules needed for establishing trust in the supply chain from end-to-end. (September 2025)
- Determine what levels of trust are achievable through automated means and by manual review. (September 2025)
- Determine what automated means of verification are available now or have potential in the short to medium term. (October 2025)
- Create a set of relevant trust signals and draft guidelines for establishing trust through the available signals, both automated and manual, and map these to specific labels to be applied. (October 2025)
- Test the Ozone labelling platform, or alternatives if available, and create a gap list of user or business-rule needs not addressed. (November 2025)
- Create a set of technical requirements for meeting the identified operational business rules. (November 2025)
- Implement and operate the FAIR Trust labeller. (Testing in December 2025 for launch in January 2026)
- Identify supply chain threats/risks through differnt attack vectors at various points in the supply chain.
- Sort can sort exposures into (a) items for which a technical (security) solution can be implmented and (b) ones which require a Trust signal available either by machine or human review.
- Identify specific vulnerabilities at each point in the supply chain in order to determine the type of security solution or trust signal required.
- Assign significance to each available trust signal in context and ensure we have a signal for each vulnerability that doesn't have an adequate security (tech) solution.
Discussion: #wg-trust Channel on chat.fair.pm