Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

Field Guide to Internet Trust Models: Open Trust Frameworks

By 2 Comments

A Trust Framework is a specification that describes a set of identity proofing, security, and privacy policies. The framework is authored by subject matter experts, and is written with the intent that compliance can be assessed. The framework also lists the qualifications that an assessor must have in order to judge compliance.

A Framework Listing Service provides a publicly visible location where trust frameworks can be published and tracked. The listing service sets guidelines for acceptable frameworks and accredits assessors to verify that services implement the frameworks properly.

Examples: The Open Identity Exchange (OIX), Kantara Initiative, and InCommon operate framework listing services. A Framework Creator authors a trust framework that specifies identity validation policies and publishes it to a Framework Listing Service. The framework may also specify the qualifications required in order to be a valid assessor of the policy.

When to use: This should be used by networks who share a common set of technology and policy needs but are not in the business of creating technology networks or accrediting compliance.

Advantages: Standard, publicly available specifications that are designed by subject matter experts. Assessors can verify that the frameworks are implemented properly.

Disadvantages: Not broadly supported, evolving model.

Ability to scale: Because each component can be independently updated, a network based on open trust frameworks could potentially scale to be very large.

 

The full papers is downloadable [Field-Guide-Internet-TrustID] Here is a link to introduction of the paper and a at the bottom of that post is a link to all the other models with descriptions.  Below are links to all the different models.

Sole source, Pairwise FederationPeer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing

ConvertKit Form

Join to get updates from Identity Woman

Kaliya is beginning to share regular updates about her work. This will help keep you up to date with all her work.

We won't send you spam. Unsubscribe at any time. Powered by ConvertKit

Reader Interactions

Trackbacks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Mailing ListStay up to date with digital identity!

Your guide to Self-Sovereign Identity!

A comprehensive analysis of the technology, standards, projects, and companies that use blockchain for identity.

With Self Sovereign Identity, use Blockchain to enable a decentralized digital identity paradigm across the Internet.

Digital identity is an infrastructure necessary to do most everything on the Internet. Companies own the digital identities of the people that use their services. Centralized databases are a security risk for cyberattacks; not to mention the low integrity of stored data, and users have little to no control of how their data is secured.

This book will jumpstart your understanding of the industry; introduce you to the main technology, ledgers, wallets and projects; and help you understand how the pieces fit together. 

Get it now

Never see this message again