ABSTRACT
The problem space of trust governance is discussed, and five business drivers for trust governance are
detailed, including the rise of Web Services, SAML, and Cross-Company Authentication. Xota
, a
protocol for providing lightweight standards-based trust assertions, is introduced, as well as a framework
for utilizing trusted third parties for generating trust assertions. With these in place, enterprise and
division security postures can be dynamically evaluated for trustworthiness at the time each transaction
or connection is made.