This article originally appeared on the LF Public Health project’s blog. We republished it here to help spread the word about another impactful project made possible through open source.
Linux Foundation Public Health (LFPH) launched the Global COVID Certificate Network (GCCN) project in June 2021 to facilitate the safe and free movement of individuals globally during the COVID pandemic. After nine months of dedicated work, LFPH completed the proof-of-concept (POC) of the GCCN Trust Registry Network in partnership with Fraunhofer Institute for Industrial Engineering (Fraunhofer IAO), Symsoft Solutions and Finema in March 2022.
With the ambition to provide a complete suite of technology to address the many challenges for COVID certificates, such as interoperability, data security and privacy protection, LFPH began the GCCN project focusing on one of the challenges not being addressed—a global trust architecture that allows seamless integration of the disparate COVID credential types. At the time, many small and large centralized trust ecosystems that implemented different technical standards and policies, such as the EU Digital COVID Certificate, emerged and began to gain traction. However, without a platform that allows these ecosystems to discover and establish trust with each other, there wouldn’t be interoperability at the global level. The GCCN Trust Registry Network was created to solve exactly this problem.
“We started the GCCN work in response to COVID, but everything we do has a vision for solving the challenge of people needing multiple credentials and constant verifications. The GCCN Trust Registry Network makes possible a new, decentralized way of trust management, which helps revolutionize how identities are shared in a privacy-preserving way. At LFPH, we are dedicated to open source innovation for public health and patient identity. We look forward to working with our members, community and stakeholders to advance the GCCN work both in the US and internationally.” – Jim St.Clair, Executive Director of LFPH
Building on the open source TRAIN Trust Management Infrastructure funded by the European Self-Sovereign Identity Framework (ESSIF) Lab, the GCCN Trust Registry Network allows different COVID certificate ecosystems, which can be a political and economic union (e.g. the EU), a nation state (e.g. India), a jurisdiction (e.g. the State of California), an industry organization (e.g. ICAO) or a company (e.g. a COVID test administrator), to join and find each other on a multi-stakeholder network, and validate each other’s COVID certificate policies. This interaction is known as a discovery mechanism. Then based on the discovery, verifiers will decide whose certificates they accept and use the Trust Registry Network to build a customized trust list based on their entry rules and check the source of incoming certificates against their known list to determine if it’s from a trusted source. If the certificate is from a trusted source, the verifiers will be able to use the public key to decrypt and decode a COVID certificate. For more information about the technical mechanism behind the GCCN Trust Registry Network and how it works, please see our two recent articles, “How does a border control officer know if a COVID certificate is valid?” and “How does a border control officer know if a traveler meets entry rules?”.
The GCCN Trust Registry Network PoC is composed of two parts, onboarding to the Network and verification of COVID certificates using the Network. The PoC wouldn’t have been a success without the contributions of these partners and the ongoing support of the LFPH community. Fraunhofer IAO, the German research organization that developed the TRAIN Infrastructure, supported the effort throughout. Symsoft Solutions, a US-based enterprise web solutions provider, built the initial demo web application of the Network and web interface for the onboarding process of the POC. Savita Farooqui, the founder of Symsoft Solutions, has been co-leading the design and technical development of GCCN with LFPH staff. Finema, a Thai company specializing in decentralized identity solutions, developed the verifier app for the POC that demonstrates how a verifier can leverage the Network for verifications.
“By working with the LFPH team on the GCCN Trust Registry Network initiative, we had the opportunity to explore and extend the TRAIN Infrastructure for COVID certificate trust management. Prior to this work, TRAIN was already implemented for a variety of use cases such as IoT/Industry 4.0, verification of refugee educational documents. We believe that TRAIN will be able to provide lightweight solutions pertaining to trust management on a global scale for a wide range of public health scenarios. We are looking forward to working on the further developments of the GCCN Trust Registry Network based on the stakeholders’ needs for COVID and beyond.” – Isaac Henderson, Technical Architect, Fraunhofer IAO.
The GCCN Trust Registry Network provides a model for managing global, distributed trust registries/authorities. The Network enrolls trust registries/authorities as entries and supports the structure and meta-data for a variety of trust registries, along with a mechanism to access and update the entries using machine and human accessible formats. We worked with the LFPH team to define the meta-data and workflows for enrollment, and developed the demo application to validate these requirements and the POC interface to integrate with the TRAIN infrastructure. We look forward to continuing to work with LFPH and other partners to further develop the GCCN Trust Registry Network and create a reusable trust management solution for use cases beyond COVID. – Savita Farooqui, Founder, Symsoft Solutions
Finema’s solution plays a big part in the verification of different digital vaccine credentials for the Thailand Pass portal that has been a major factor in reopening Thailand’s borders and encouraging global travel. Through that work, we saw and experienced a clear need for a highly secure global trust network that promotes greater interconnectivity and interoperability between various COVID vaccination credentials from different nations, organizations and individuals throughout the world. Finema was happy to support the POC development of the GCCN Trust Registry Network through our solutions, and we look forward to building further on this work for border reopening and other use cases. – Pakorn Leesakul, CEO, Finema Co. Ltd.
In the meantime, if you have any questions about the GCCN Trust Registry Network and the POC, please email the LFPH team at email@example.com.
The post LFPH Completes the Proof-of-Concept of its GCCN Trust Registry Network appeared first on Linux Foundation.