Primary Trust Interoperability Profiles

This page displays a list of primary trust interoperability profiles (TIPs) that have been created on this system.

Trust Interoperability Profile	Version
ACM Privacy Recommendations XML \| JSON \| Profile of requirements from the Association for Computing Machinery (ACM) Privacy Recommendations	1.0
APEC Privacy Principles XML \| JSON \| Profile of requirements from the Asia-Pacific Economic Cooperation (APEC) Privacy Principles	1.0
CJIS Security Policy XML \| JSON \| Profile of FBI Criminal Justice Information Services (CJIS) requirements as defined by the CJIS Security Policy, version 5.9.	5.9
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Basic Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Basic level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (High Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the High level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Medium Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Medium level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Medium Hardware Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Medium Hardware level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (PIV-I Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the PIV-I level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Rudimentary Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Rudimentary level of assurance (LOA).	2.27
FICAM TFPAP Privacy Requirements XML \| JSON \| Profile of privacy requirements from the Federal Identity, Credential, and Access Management (FICAM) Trust Framework Solutions Trust Framework Provider Adoption Process	1.0
Fusion Center Privacy Policy Requirements XML \| JSON \| Profile of requirements from the Fusion Center Privacy Policy Development: Privacy, Civil Rights, and Civil Liberties Policy Template	1.0
GDPR Data Controller Compliance Profile XML \| JSON \| Profile of requirements from the General Data Protection Regulation (GDPR) (EU) 2016/679 for the role of a Data Controller.	1.0
GDPR Data Processor Compliance Profile XML \| JSON \| Profile of requirements from the General Data Protection Regulation (GDPR) (EU) 2016/679 for the role of a Data Processor.	1.0
HIPAA Covered Entity Profile XML \| JSON \| Profile of the requirements in the HIPAA Regulations (per 45 CFR Section 164) for a Covered Entity by collecting all the relevant TIPs and TDs.	1.0
IDEF Identity Provider Profile XML \| JSON \| Profile of all Identity Ecosystem Framework (IDEF) requirements that apply to all identity provider entities participating in the Identity Ecosystem.	1.0
IDEF Relying Party Profile XML \| JSON \| Profile of all Identity Ecosystem Framework (IDEF) requirements that apply to all relying party entities participating in the Identity Ecosystem.	1.0
IDEF Supplemental Identity Provider Best Practices XML \| JSON \| Profile of Identity Ecosystem Framework (IDEF) supplemental best practices that are not required but are recommended for all identity provider entities participating in the Identity Ecosystem.	1.0
IDEF Supplemental Relying Party Best Practices XML \| JSON \| Profile of Identity Ecosystem Framework (IDEF) supplemental best practices that are not required but are recommended for all relying party entities participating in the Identity Ecosystem.	1.0
ISO/IEC 27001:2022 Compliance Profile XML \| JSON \| Profile of requirements in accordance with the security and privacy controls specified by ISO/IEC Publication 27001:2022 and further clarified by ISO/IEC Publication 27002:2022.	2022
NIST SP 800-218 SSDF Compliance Profile XML \| JSON \| Profile of requirements from the NIST Secure Software Development Framework (SSDF), version 1.1.	1.1
NIST SP 800-53 r4 - All Security Controls for HIGH Impact Systems XML \| JSON \| Profile of requirements corresponding to all HIGH impact security controls in NIST Special Publication 800-53, r4.	4
NIST SP 800-53 r4 - All Security Controls for LOW Impact Systems XML \| JSON \| Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4.	4
NIST SP 800-53 r4 - All Security Controls for MODERATE Impact Systems XML \| JSON \| Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4.	4
NIST SP 800-53 r4 Privacy Controls XML \| JSON \| Profile of requirements corresponding to all privacy controls in NIST Special Publication 800-53 r4.	4
NIST SP 800-63-3 CSP Profile XML \| JSON \| Profile of requirements that a Credential Service Provider (CSP) must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 Federated RP Profile XML \| JSON \| Profile of requirements that a federated Relying Party (RP) must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 Federation Authority Profile XML \| JSON \| Profile of requirements that a Federation Authority must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 Federation Proxy Profile XML \| JSON \| Profile of requirements that the operator of a Federation Proxy must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 IdP Profile XML \| JSON \| Profile of requirements that a federated Identity Provider (IdP) must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
OECD Privacy Principles XML \| JSON \| Profile of privacy requirements from the Organization of Economic Cooperation and Development (OECD) Privacy Principles	1.0
SAFE-HARBOR Privacy Requirements XML \| JSON \| Profile of privacy requirements from the U.S. EU Safe Harbor Framework	1.0
Secure-by-Design Pledge Compliance Profile XML \| JSON \| Profile of requirements from the Secure-by-Design Pledge, published by the U.S. Dept of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA), for providers of enterprise software products and services - including on-premises software, cloud services, and software as a service (SaaS). Enables an organization to demonstrate alignment with the principles and practices articulated by the Secure-by-Design initiative.	1.0
U.S. Department of Health and Human Services (HHS) Privacy and Security Framework Privacy Requirements XML \| JSON \| Profile of privacy requirements from the U.S. Department of Health and Human Services (HHS) Privacy and Security Framework	1.0

« Index Page

Trust Interoperability Profile	Version
ACM Privacy Recommendations XML \| JSON \| Profile of requirements from the Association for Computing Machinery (ACM) Privacy Recommendations	1.0
APEC Privacy Principles XML \| JSON \| Profile of requirements from the Asia-Pacific Economic Cooperation (APEC) Privacy Principles	1.0
CJIS Security Policy XML \| JSON \| Profile of FBI Criminal Justice Information Services (CJIS) requirements as defined by the CJIS Security Policy, version 5.9.	5.9
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Basic Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Basic level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (High Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the High level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Medium Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Medium level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Medium Hardware Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Medium Hardware level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (PIV-I Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the PIV-I level of assurance (LOA).	2.27
Federal Bridge Certificate Authority (FBCA) Certificate Policy (Rudimentary Assurance) XML \| JSON \| Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, for entities operating at the Rudimentary level of assurance (LOA).	2.27
FICAM TFPAP Privacy Requirements XML \| JSON \| Profile of privacy requirements from the Federal Identity, Credential, and Access Management (FICAM) Trust Framework Solutions Trust Framework Provider Adoption Process	1.0
Fusion Center Privacy Policy Requirements XML \| JSON \| Profile of requirements from the Fusion Center Privacy Policy Development: Privacy, Civil Rights, and Civil Liberties Policy Template	1.0
GDPR Data Controller Compliance Profile XML \| JSON \| Profile of requirements from the General Data Protection Regulation (GDPR) (EU) 2016/679 for the role of a Data Controller.	1.0
GDPR Data Processor Compliance Profile XML \| JSON \| Profile of requirements from the General Data Protection Regulation (GDPR) (EU) 2016/679 for the role of a Data Processor.	1.0
HIPAA Covered Entity Profile XML \| JSON \| Profile of the requirements in the HIPAA Regulations (per 45 CFR Section 164) for a Covered Entity by collecting all the relevant TIPs and TDs.	1.0
IDEF Identity Provider Profile XML \| JSON \| Profile of all Identity Ecosystem Framework (IDEF) requirements that apply to all identity provider entities participating in the Identity Ecosystem.	1.0
IDEF Relying Party Profile XML \| JSON \| Profile of all Identity Ecosystem Framework (IDEF) requirements that apply to all relying party entities participating in the Identity Ecosystem.	1.0
IDEF Supplemental Identity Provider Best Practices XML \| JSON \| Profile of Identity Ecosystem Framework (IDEF) supplemental best practices that are not required but are recommended for all identity provider entities participating in the Identity Ecosystem.	1.0
IDEF Supplemental Relying Party Best Practices XML \| JSON \| Profile of Identity Ecosystem Framework (IDEF) supplemental best practices that are not required but are recommended for all relying party entities participating in the Identity Ecosystem.	1.0
ISO/IEC 27001:2022 Compliance Profile XML \| JSON \| Profile of requirements in accordance with the security and privacy controls specified by ISO/IEC Publication 27001:2022 and further clarified by ISO/IEC Publication 27002:2022.	2022
NIST SP 800-218 SSDF Compliance Profile XML \| JSON \| Profile of requirements from the NIST Secure Software Development Framework (SSDF), version 1.1.	1.1
NIST SP 800-53 r4 - All Security Controls for HIGH Impact Systems XML \| JSON \| Profile of requirements corresponding to all HIGH impact security controls in NIST Special Publication 800-53, r4.	4
NIST SP 800-53 r4 - All Security Controls for LOW Impact Systems XML \| JSON \| Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4.	4
NIST SP 800-53 r4 - All Security Controls for MODERATE Impact Systems XML \| JSON \| Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4.	4
NIST SP 800-53 r4 Privacy Controls XML \| JSON \| Profile of requirements corresponding to all privacy controls in NIST Special Publication 800-53 r4.	4
NIST SP 800-63-3 CSP Profile XML \| JSON \| Profile of requirements that a Credential Service Provider (CSP) must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 Federated RP Profile XML \| JSON \| Profile of requirements that a federated Relying Party (RP) must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 Federation Authority Profile XML \| JSON \| Profile of requirements that a Federation Authority must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 Federation Proxy Profile XML \| JSON \| Profile of requirements that the operator of a Federation Proxy must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
NIST SP 800-63-3 IdP Profile XML \| JSON \| Profile of requirements that a federated Identity Provider (IdP) must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.	1.0
OECD Privacy Principles XML \| JSON \| Profile of privacy requirements from the Organization of Economic Cooperation and Development (OECD) Privacy Principles	1.0
SAFE-HARBOR Privacy Requirements XML \| JSON \| Profile of privacy requirements from the U.S. EU Safe Harbor Framework	1.0
Secure-by-Design Pledge Compliance Profile XML \| JSON \| Profile of requirements from the Secure-by-Design Pledge, published by the U.S. Dept of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA), for providers of enterprise software products and services - including on-premises software, cloud services, and software as a service (SaaS). Enables an organization to demonstrate alignment with the principles and practices articulated by the Secure-by-Design initiative.	1.0
U.S. Department of Health and Human Services (HHS) Privacy and Security Framework Privacy Requirements XML \| JSON \| Profile of privacy requirements from the U.S. Department of Health and Human Services (HHS) Privacy and Security Framework	1.0