Two institutions want to trust identities issued by one another, but there is no outside governance or policy framework for them to do so. They negotiate a specific agreement that covers only the two of them. Each institution trusts the other to properly manage the identities that it issues.
Examples: A pairwise agreement can specify governance, security and verification policies, or specific technical methods.
Businesses might negotiate pairwise agreements with large supplier. Educational institutions may craft specific research agreements.
When to Use: Business or institutional partners want to grant one another access to confidential systems or information, but no standard contracts or umbrella organizations exist.
Advantages: Organizations can grant one another access to scarce resources and confidential information. Highly customized for the specific situation and participants.
Disadvantages: Time consuming and complex to negotiate, expensive. Difficult to scale.
Ability to Scale: Pairwise federations do not scale well, because each additional party will need to make a custom agreement with every other party.
The full papers is downloadable [Field-Guide-Internet-TrustID] Here is a link to introduction of the paper and a at the bottom of that post is a link to all the other models with descriptions. Below are links to all the different models.
Sole source, Pairwise Federation, Peer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing