ETSI GR PDL 030 V1.1.1 (2025-05)

GROUP REPORT
Permissioned Distributed Ledger (PDL);
Trust in Telecom System
Disclaimer
The present document has been produced and approved by the Permissioned Distributed Ledger (PDL) ETSI Industry
Specification Group (ISG) and represents the views of those members who participated in this ISG.
It does not necessarily represent the views of the entire ETSI membership.

2 ETSI GR PDL 030 V1.1.1 (2025-05)

Reference
DGR/PDL-0030_Trust_Telecom
Keywords
PDL, trust
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from the
ETSI Search & Browse Standards application.
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format on ETSI deliver repository.
Users should be aware that the present document may be revised or have its status changed,
this information is available in the Milestones listing.
If you find errors in the present document, please send your comments to
the relevant service listed under Committee Support Staff.
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure (CVD) program.
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
No representation or warranty is made that this deliverable is technically accurate or sufficient or conforms to any law
and/or governmental rule and/or regulation and further, no representation or warranty is made of merchantability or fitness
for any particular purpose or against infringement of intellectual property rights.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2025.
All rights reserved.
ETSI
3 ETSI GR PDL 030 V1.1.1 (2025-05)
Contents
Intellectual Property Rights . 8
Foreword . 8
Modal verbs terminology . 8
1 Scope . 9
2 References . 9
2.1 Normative references . 9
2.2 Informative references . 9
3 Definition of terms, symbols and abbreviations . 10
3.1 Terms . 10
3.2 Symbols . 11
3.3 Abbreviations . 11
4 Trust-Related Definitions . 12
4.1 Definition of Trust . 12
4.2 Key Aspects of Trust . 13
4.2.1 Objective and Subjective Nature . 13
4.2.2 Quantifiability . 13
4.2.3 Multi-faceted Nature . 13
4.2.4 Subjective Evaluation . 13
4.2.5 Dynamic Nature . 13
4.2.6 Context Dependence . 14
4.2.7 Asymmetric Relationship . 14
4.3 Trust Evaluation Process . 15
5 Introduction to Trust in Telecom System . 15
5.1 3GPP Telecom Networks . 15
5.1.1 Components of 3GPP Telecom Networks . 15
5.1.2 Functionality of Network Components . 15
5.1.2.1 Radio Access Network (RAN) . 15
5.1.2.2 Core Network (CN) . 15
5.1.3 Future Trends in 5G-Advanced (5GA) and 6G. 16
5.1.3.1 Evolution of UE Roles . 16
5.1.3.2 Shift Towards Decentralized Architecture . 16
5.1.3.3 Increased UE Collaboration . 16
5.1.3.4 Distribution of Network Functions . 17
5.1.3.5 User-Centric Approach . 17
5.1.4 Emerging Trends in 3GPP Development . 17
5.1.4.1 Network of Service Robots with Ambient Intelligence. 17
5.1.4.1.1 3GPP SA1. 17
5.1.4.1.2 Study Objectives . 17
5.1.4.1.3 Potential Applications . 17
5.1.4.1.4 Expected Outcomes . 18
5.1.4.2 User-Centric Approach in Telecom Services . 18
5.1.4.2.1 3GPP SA2. 18
5.1.4.2.2 Current Limitations . 18
5.1.4.2.3 Future Vision . 18
5.1.4.2.4 Study Focus . 18
5.1.4.2.5 Expected Benefits . 18
5.1.4.3 Implications for Trust in Telecom Systems . 18
5.2 Existing Trust Mechanisms in 3GPP Networks . 18
5.2.1 Existing status . 18
5.2.2 Security Domains in 3GPP 5G . 19
5.2.2.1 Network Access Security . 19
5.2.2.1.1 Focus . 19
5.2.2.1.2 Primary Authentication and Key Agreement. 19
5.2.2.1.3 Secondary Authentication. 19
ETSI
4 ETSI GR PDL 030 V1.1.1 (2025-05)
5.2.2.1.4 Security Context Establishment . 19
5.2.2.1.5 Security Mode Command Procedure . 20
5.2.2.2 Network Domain Security . 20
5.2.2.2.1 Focus . 20
5.2.2.2.2 Key Components . 20
5.2.2.2.3 Security Features . 21
5.2.2.3 Service-Based Architecture (SBA) Domain Security . 21
5.2.2.3.1 Focus . 21
5.2.2.3.2 Key Components . 21
5.2.2.3.3 Security Features . 22
5.2.2.3.4 Implementation Aspects . 22
5.2.3 Zero Trust Architecture in 3GPP . 23
5.2.3.1 3GPP TR 33.894 . 23
5.2.3.2 Key Objectives . 23
5.2.3.3 Implementation Considerations . 23
5.2.4 Ongoing Studies on Zero Trust . 23
5.2.4.1 3GPP TR 33.794 . 23
5.2.4.2 Key Issues Under Investigation. 23
5.2.5 Emerging Trust Concepts in 3GPP . 23
5.2.5.1 Distributed Trust . 23
5.2.5.2 User-Centric Trust . 23
5.2.6 Future Directions . 23
6 Existing Standards and Trust Mechanisms. 24
6.1 Trust Computing Group (TCG) . 24
6.1.1 Purpose of TCG . 24
6.1.2 TCG's Approach to Trust . 24
6.1.2.1 Integrity Measurement and Verification . 24
6.1.2.1.1 Definition. 24
6.1.2.1.2 Process . 24
6.1.2.2 Roots of Trust. 24
6.1.2.2.1 Root of Trust for Measurement (RTM) . 24
6.1.2.2.2 Root of Trust for Storage (RTS) . 24
6.1.2.2.3 Root of Trust for Reporting (RTR) . 24
6.1.2.3 Transitive Trust . 25
6.1.2.3.1 Purpose . 25
6.1.2.3.2 Process . 25
6.1.3 TCG Specifications and Implementations . 25
6.1.3.1 Trusted Platform Module (TPM) . 25
6.1.3.2 Practical Implementation . 25
6.1.3.3 TPM Services . 25
6.1.4 Example: Trust in a Desktop Computer . 25
6.1.4.1 Aspects of Trustworthiness in a Desktop . 25
6.1.4.1.1 Boot-time Integrity . 25
6.1.4.1.2 Runtime Integrity. 25
6.1.4.1.3 Application Monitoring . 26
6.1.4.2 Trust Chain Establishment Steps . 26
6.1.4.2.1 BIOS Verification . 26
6.1.4.2.2 Bootloader Verification . 26
6.1.4.2.3 OS Kernel Verification . 26
6.1.4.2.4 System Components Verification . 26
6.1.4.2.5 Application Verification . 26
6.1.4.3 Continuous Trust Maintenance . 26
6.1.4.4 Benefits of This Approach . 26
6.2 ITU-T . 27
6.2.1 Recommendation ITU-T Y.3052 . 27
6.2.2 Trust Categorization . 27
6.2.3 Direct and Indirect Trust . 27
6.2.4 Aspects of Trust in ICT . 27
6.2.5 Trust Provisioning Process . 27
6.3 NIST . 27
6.3.1 Special Publication 800-207 . 27
ETSI
5 ETSI GR PDL 030 V1.1.1 (2025-05)
6.3.2 Core Principles of Zero Trust . 28
6.3.2.1 Fundamental Concept. 28
6.3.2.2 Key Features . 28
6.3.3 Zero Trust Architecture (ZTA) Implementation . 28
6.3.3.1 Adoption Trend . 28
6.3.3.2 Key Components . 28
6.3.3.3 Trust Zones . 28
6.3.3.4 Design Goal. 28
6.3.4 Rationale for Zero Trust . 28
6.3.4.1 Changing Work Environments . 28
6.3.4.2 Security Paradigm Shift . 28
6.3.5 Key Tenets of Zero Trust Architecture . 28
6.4 IETF . 29
6.4.1 Significant approaches . 29
6.4.2 Remote Attestation Procedures (RATS) . 29
6.4.2.1 IETF RFC 9334 . 29
6.4.2.2 Key Roles in RATS . 29
6.4.2.3 RATS Process . 29
6.4.2.4 Use Case Example: Network Endpoint Assessment . 29
6.4.2.5 Trust Model in RATS. 29
6.4.3 Trusted Execution Environment Provisioning (TEEP) . 30
6.4.3.1 IETF RFC 9397 . 30
6.4.3.2 Key Concepts . 30
6.4.3.3 TEEP Protocol . 30
6.4.3.3.1 Overview . 30
6.4.3.3.2 Process Overview . 30
6.4.3.4 Security Measures . 30
6.5 ETSI . 30
6.5.1 Key Approaches . 30
6.5.2 Decentralized Identifiers (DIDs) and Trust Management . 31
6.5.2.1 Overview . 31
6.5.2.2 DID-related Operations . 31
6.5.3 Self-Sovereign Identity (SSI) in Telecom Networks . 31
6.5.3.1 Gap Analysis . 31
6.5.3.2 Objectives. 31
6.5.4 Reputation Management in PDL Systems . 31
6.5.4.1 Types of Reputation . 31
6.5.4.2 Reputation Management Aspects . 32
6.5.5 Trust in Network Function Virtualisation (NFV) . 32
6.5.5.1 Mapping RATS Roles to NFV Entities . 32
6.6 eIDAS (910-2014) . 32
6.6.1 eIDAS (910-2014) brief . 32
6.6.2 Key Objectives . 32
6.6.3 Main Components . 32
6.6.3.1 Electronic Identification (eID) . 32
6.6.3.2 Trust Services . 32
6.6.4 Key Principles . 33
6.6.5 Impact . 33
6.6.6 Implementation . 33
7 Use Cases for Trust in Telecom System . 33
7.1 Introduction . 33
7.2 Use Case 1 - Decentralized Trust Evaluation . 33
7.3 Use Case 2 - Granular and Customized Trust Evaluation . 35
7.4 Use Case 3 - Enabling User-centric Trust . 36
7.5 Use Case 4 - Trust-aware UE-to-UE Interaction Model (Service Producer & Service Consumer) and
Trust Enablement using Smart Contract . 37
7.6 Use Case 5 - Trust-aware UE-to-UE Interaction Model (Task Initiator & Task Participant) . 39
8 Key Issues . 40
8.1 Introduction . 40
8.2 Key Issue 1 - Trust Evaluation in Different Task Lifecycle Stages . 41
ETSI
6 ETSI GR PDL 030 V1.1.1 (2025-05)
8.3 Key Issue 2 - Granular and Customized Trust Evaluation . 41
8.4 Key Issue 3 - Trust Data Recording, Discovery and Retrieval . 42
8.5 Key Issue 4 - TMF Registration and Discovery . 42
8.6 Key Issue 5 - Smart Contract-based Trust Enablement . 42
8.7 Key Issue 6 - Service Access Considering User-Centric Trust . 43
8.8 Key Issue 7 - Service Interaction Incorporating Trust Index . 43
9 Conclusions and Next Steps . 44
9.1 Summary . 44
9.2 Recommendations for Next Steps . 44
History . 45

ETSI
7 ETSI GR PDL 030 V1.1.1 (2025-05)
List of figures
Figure 1: Future Trend: UE Acting as Both Provider and Consumer and Advanced UE Collaboration .16
Figure 2: UE-1 Has Two Different Roles For Serving UE-2 and UE-3 .35
Figure 3: UE-1 Has One Role For Serving UE-2 and UE-3 .36
Figure 4: Dynamic Context and Behaviour of UE-1 (Leading to Changing Trust) .37
Figure 5: UE-to-UE Interaction Model-1: Service Producer and Service Consumer .38
Figure 6: UE-to-UE Interaction Model-2: Task Initiator (TI) and Task Participant (TP) .39

List of tables
Table 1: Mapping between Key Issues and Use Cases.41

ETSI
8 ETSI GR PDL 030 V1.1.1 (2025-05)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The declarations
pertaining to these essential IPRs, if any, are publicly available for ETSI members and non-members, and can be
found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to
ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the
ETSI IPR online database.
Pursuant to the ETSI Directives including the ETSI IPR Policy, no investigation regarding the essentiality of IPRs,
including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not
referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become,
essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its
Members. 3GPP™, LTE™ and 5G™ logo are trademarks of ETSI registered for the benefit of its Members and of the
3GPP Organizational Partners. oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and of ®
the oneM2M Partners. GSM and the GSM logo are trademarks registered and owned by the GSM Association.
Foreword
This Group Report (GR) has been produced by ETSI Industry Specification Group (ISG) Permissioned Distributed
Ledger (PDL).
Modal verbs terminology
In the present document "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be
interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

ETSI
9 ETSI GR PDL 030 V1.1.1 (2025-05)
1 Scope
The present document describes scenarios and use cases in telecom system that need trustworthiness among different
entities such as users, devices, networks, and applications. Technologies for providing such trustworthiness will be
reviewed. Using PDL for realizing trust in telecom system will be discussed and demonstrated. The present document
also discusses the key issues or topics related to how to enable PDL-enabled trust in telecom system, such as user trust,
distributed trust, trust management, etc. The potential standardization recommendations on those key issues or topics
may also be investigated.
2 References
2.1 Normative references
Normative references are not applicable in the present document.
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long-term validity.
The following referenced documents may be useful in implementing an ETSI deliverable or add to the reader's
understanding, but are not required for conformance to the present document.
[i.1] 3GPP TS 23.501 (V18.0.0) (2022-12): "System Architecture for the 5G System (5GS); Stage 2
(Release 18)".
[i.2] 3GPP SP-220447: "Study on Network of Service Robots with Ambient Intelligence". 3GPP TSG
Meeting #96e, 2022.
[i.3] 3GPP SP-231804: "New Study on User Identities and Authentication Architecture". TSG SA
Meeting #102, 2023.
[i.4] 3GPP TS 33.501 (V18.2.0) (2023-06): "Security Architecture and Procedures for 5G System
(Release 18)".
[i.5] 3GPP TR 33.894 (V19.0.0) (2023-09): "Study on Applicability of the Zero Trust Security
Principles in Mobile Networks (Release 18)".
[i.6] NIST Special Publication 800-207: "Zero Trust Architecture, National Institute of Standards and
Technology", 2020.
[i.7] 3GPP TR 33.794 (V0.3.0) (2024-05): "Study on enablers for Zero Trust Security (Release 19)".
[i.8] 3GPP S1-240238: "Study on distributed device and user-centric trust". 3GPP TSG- SA1 Meeting
#105, 2024.
[i.9] Trusted Computing Group: "TCG Specification Architecture Overview", TCG Specification
Revision 1.4, The Trusted Computing Group, Portland, OR, USA, August 2007.
[i.10] Recommendation ITU-T Y.3052 (2017): "Overview of trust provisioning in information and
communication technology infrastructures and services".
[i.11] IETF RFC 9334 (January 2023): "Remote Attestation Procedures (RATS) Architecture".
[i.12] IETF RFC 9397 (July 2023): "Trusted Execution Environment Provisioning (TEEP) Architecture".
ETSI
10 ETSI GR PDL 030 V1.1.1 (2025-05)
[i.13] ETSI GS PDL 023 (V1.1.1) (2024-04): "PDL service enablers for Decentralized Identification and
Trust Management".
[i.14] ETSI GS PDL 027 (V0.0.3) (2024-02): "Permissioned Distributed Ledger (PDL); Self-sovereign
identity (SSI) in telecom networks".
[i.15] ETSI GS PDL 015 (V1.1.1) (2023-01): "Permissioned Distributed Ledger (PDL); Reputation
management".
[i.16] ETSI GS NFV-SEC 024 (V0.0.8) (2023-09): "Network Functions Virtualisation (NFV) Security;
Security Management Specification".
[i.17] eIDAS Made Easy!.
[i.18] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market.
[i.19] 3GPP TS 23.304 (V19.0.0) (2024-06): "Proximity based Services (ProSe) in the 5G System
(5GS)".
[i.20] ETSI TS 133 503 (V18.3.0): "5G; Security Aspects of Proximity based Services (ProSe) in the 5G
System (5GS) (3GPP TS 33.503 version 18.3.0 Release 18)".
[i.21] 3GPP TR 23.700-32: "Study on User Identities and Authentication Architecture".
3 Definition of terms, symbols and abbreviations
3.1 Terms
For the purposes of the present document, the following terms apply:
distributed trust: trust relationship built without fully relying on a centralized party
NOTE 1: Such a centralized party may be used to facilitate to build distributed trust relationship.
NOTE 2: Distributed trust can be established among devices, between devices and networks, or between networks.
trust: measurable belief about the quality/behaviour/performance/characteristic of an entity from history and the future
expectation on various trust indicators
NOTE: Trust covers many other aspects beyond security.
trust enablement: process to establish trust between entities, including mutual authentication as well as other advanced
and decentralized mechanisms, such as smart contract, etc.
trust evaluation: process to collect various data related to an entity and deduce a trust index of an entity.
trust index: aggregated metric of multiple focused trust indicators and can be deduced from a trust evaluation process
trust indicator: trust from a particular aspect, such as security, privacy, resiliency, performance, robustness, scalability,
availability, accuracy, reliability, consistency, etc.
trust management: various activities related to trust, such as trust evaluation, trust estimation, trust enablement, etc.
user credential management: activities related to creating, publishing, maintaining, discovery and usage of user
credential in the telecom system
NOTE: In order to enable user-centric trust, user credential should be made available in the telecom system.
ETSI
11 ETSI GR PDL 030 V1.1.1 (2025-05)
user identifier management: various activities to manage user identifier (e.g. create, update, delete, etc.) in telecom
system
NOTE: In particular, decentralized user identifier manager may be built on top of distributed ledger
infrastructure.
user trust: trust relationship relying on user credentials instead of fully relying on or in addition to SIM-based primary
authentication in current 5G system
NOTE: User trust also can be established among devices, and between devices and networks. User trust can
enable user-centric trustworthiness expanding or beyond existing SIM-based authentication and trust.
3.2 Symbols
Void.
3.3 Abbreviations
For the purposes of the present document, the following abbreviations apply:
3GPP Third Generation Partnership Project
5G Fifth Generation
5GA 5G-Advanced
5G-AKA 5G Authentication and Key Agreement
5GS 5G System
6G Sixth Generation
AAA Authentication, Authorization, and Accounting
AI/ML Artificial Intelligence / Machine Learning
AKA Authentication and Key Agreement
AMF Access and Mobility Function
AR Augmented Reality
AS Application Server
BIOS Basic Input/Output System
BYOD Bring Your Own Device
CN Core Network
DID Decentralized IDentifier
EAP-5G Extensible Authentication Protocol for 5G
eID electronic IDentification
eIDAS electronic IDentification, Authentication and trust Services
ETSI European Telecommunications Standards Institute
EU European Union
ICT Information and Communication Technology
IETF Internet Engineering Task Force
IoT Internet of Things
KI Key Issue
NAS Non-Access Stratum
NF Network Function
NFV Network Function Virtualisation
NIST National Institute of Standards and Technology
NRF Network Repository Function
NW NetWork
OS Operating System
PCR Platform Configuration Register
PDL Permissioned Distributed Ledger
PDP Policy Decision Point
PDU Protocol Data Unit
PEP Policy Enforcement Point
ProSe Proximity-based Services
QoS Quality-of-Service
RAN Radio Access Network
RATS Remote Attestation procedures
ETSI
12 ETSI GR PDL 030 V1.1.1 (2025-05)
REE Rich Execution Environment
RTM Root of Trust for Measurement
RTR Root of Trust for Reporting
RTS Root of Trust for Storage
SA Service and System Aspect
SBA Service-Based Architecture
SCP Service Communication Proxy
SDO Standards Development Organization
SIM Subscriber Identity Module
SMF Session Management Function
SP Special Publication
SSI Self-Sovereign Identity
TA Trusted Application
TAM Trusted Application Manager
TCG Trust Computing Group
TEE Trusted Execution Environment
TEEP Trusted Execution Environment Provisi
...