MPAI-PTF V1.0 - Introduction

<-Foreword Go to ToC Scope ->

Technical Specification: Process Instance Trust Framework (MPAI‑PTF) V1.0 – in the following also called MPAI‑PTF or simply PTF – provides a standard framework enabling Process Instances to establish, evaluate, and maintain trust in distributed, zero‑trust environments. In this MPAI-PTF V1.0, Process Instance indicates either an AI Module (AIM) as specified by Technical Specification: AI Framework V3.0 or a Process as specified by Technical Specification: MPAI Metaverse Model (MPAI-MMM) – Technologies (MMM-TEC) V2.2.

MPAI-PTF V1.0 specifies how Process Instances represent their identity, present verifiable credentials, supply attestation evidence, and evaluate trust policies to support secure and interoperable interactions. PTF enables both standardised and proprietary Processes to participate in trusted ecosystems, provided they expose the data structures and protocol elements specified by MPAI‑PTF.

A Process Instance operating under PTF may perform standardised functions defined by MPAI, or proprietary functions defined by implementers, as long as it conforms to the identity, credential, evidence, and policy requirements of this Technical Specification. Developers can compete in providing PTF‑conforming components – such as credential issuers, evidence providers, and policy evaluators – that implement standard functions and interfaces while offering improved performance or enhanced security. Process Instances may execute conventional data processing or Artificial Intelligence algorithms and may be implemented in hardware, software, or hybrid configurations.

MPAI‑PTF specifies Profiles that define subsets of the trust framework suitable for different deployment environments.
The Basic Profile defines the minimum set of identity, credential, and evidence structures required for interoperable trust establishment.
The Security Profile extends the Basic Profile with additional requirements for attestation, evidence freshness, and policy‑driven verification suitable for zero‑trust and high‑assurance environments.

The Basic Profile has the following features:

Interoperability: Process Instances can exchange identity, credentials, and evidence in standard formats.
Modularity: Trust components (modules performing the functions of credential issuances, evidence provision, policy evaluation) are separable and replaceable.
Encapsulation: Trust structures are abstracted from implementation details.
Access: Implementations can use validated trust components from the MPAI Store.
Flexibility: Components may be implemented in software, hardware, or hybrid configurations.
Execution: Trust establishment can occur in local, distributed, and zero‑trust architectures.
Interaction: Process Instances can establish trust with other Instances operating in proximity or across networks.

The Security Profile inherits all functionalities of the Basic Profile. In addition, it enables:

Use of approved cryptographic algorithms.
Verification of attestation evidence.
Policy‑based evaluation of trust requirements.
Secure credential and evidence handling.
Certificate‑based secure communication (when used with AIF or MMM-TEC).

with the following general conditions:

A Process Instance may rely on hardware or OS security features available in its execution environment.
Evidence and credentials must be verifiable using the structures and algorithms defined in this Technical Specification.
Trust decisions must be derived from the verification pipeline defined by PTF.

Various actors – developers, integrators, and end users – benefit from the creation, composition, and execution of trusted Process‑based workflows composed of multi‑vendor components operating in a standard trust framework and exchanging identity, credentials, and evidence in standard formats:

Technology providers can offer standard‑conforming trust components to an open market.
Application developers can integrate trusted Processes from multiple vendors.
Innovation is fuelled by demand for more secure and higher‑performing trust components.
Consumers benefit from more reliable and transparent applications.
Society gains increased trust, accountability, and transparency in distributed AI‑based systems.

A Process Instance and its trust components may have three Interoperability Levels:

Level 1 – Proprietary and conforming to the MPAI‑PTF Standard.
Level 2 –Specified by an MPAI Application Standard.
Level 3 – Specified by an MPAI Application Standard and certified by a Performance Assessor.

MPAI-PTF offers Users access to the promised benefits of trustworthy AI‑based systems with a guarantee of increased transparency and reliability as the Interoperability Level of an Implementation moves from 1 to 3.

The chapters and sections of this Technical Specification are Normative unless they are labelled as Informative. Terms beginning with a capital letter are defined in Table 1 if specific to this MPAI-PTF Technical Specification. All MPAI-defined Terms are accessible online.

<-Foreword Go to ToC Scope ->

Cookie	Duration	Description
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Technical".
CookieLawInfoConsent	1 year	The cookie is set by the GDPR Cookie Consent plug-in and is used to store whether the user has consented to the use of cookies or not. It does not store any personal data.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
_pk_id.6.08a8	13 months	Used to store a few details about the user such as the unique visitor ID
_pk_ses.6.08a8	30 minutes	Short lived cookies used to temporarily store data for the visit

MPAI-PTF V1.0 – Introduction

Notice