Modelling of Integrated Trust, Governance and Access safi.re: Information Sharing Architecture William J. Buchanan 1(&) , Omair Uthmani 1 , Lu Fan 1 , Niall Burns 1 , Owen Lo 1 , Alistair Lawson 1 , James Varga 2 , and Cassie Anderson 2 1 School of Computing, Edinburgh Napier University, 10 Colinton Road, Edinburgh EH10 5DT, UK w.buchanan@napier.ac.uk 2 miiCard, Elliot House, 8 Hillside Crescent, Edinburgh EH7 5EA, UK Abstract. We live in a world where trust relationships are becoming ever more important. The paper defines a novel modelling system of trust rela- tionships using Binary Decision Diagrams (BDDs), and outlines how this integrates with an information sharing architecture known as safi.re (Structured Analysis and Filtering Engine). This architecture has been used on a number of information sharing projects, including within health and social care integra- tion, and in sharing between the police and their community partners. The research aims to abstract the relationships between domains, organisations and units, into a formal definition, and then implement these as governance rules, and using the trust relationship definition, and the rules. Keywords: Information sharing  Trust  Governance  Binary Decision Diagrams 1 Introduction In an increasingly connected world, data is becoming a key asset, especially within a Big Data context, where data from different domains can be brought together to provide new in-sights. Most of the systems we have in-place, though, have been built to securely keep data behind highly secure environments, and then have difficulty in integrating with other disparate systems. This is now a major barrier to using data in a wide range of applications. Along with this, information sharing has many regulatory constraints, which often disable information sharing across domains, but, with care- fully managed information architectures, it is possible to overcome many of these problems. An important challenge is thus to support information sharing across different domains and groups, across multiple information systems. In the context of this paper, a domain is defined as the governance (and possible ownership) of a set of data, which is exposed to others through well-managed services. The problem of providing governance around trusted infrastructures is highlighted by Boris Evelson who outlines that [6]: M. Felici (Ed.): CSP EU FORUM 2013, CCIS 182, pp. 91–101, 2013. DOI: 10.1007/978-3-642-41205-9_8, Ó Springer-Verlag Berlin Heidelberg 2013