In addition to contract terms, a Technical federation also provides a central service that acts as a clearinghouse for identity operations. It routes authentication requests from the service back to the requester’s chosen identity provider, translating protocols as needed. The existence of a central service lowers the technical and administrative costs of participating in the network. For contrast, a federation network where the participants connect directly with one another rather than going through a central clearinghouse is called a Mesh.
Examples: WAYF provides federated single sign-on to Denmark’s higher education, research institutions, and libraries.
When to Use: A large entity is available to act as an identity clearing house.
Advantages: Encourages use of digital identity by providing a central clearinghouse for authentication. Service providers only need to integrate with a single identity provider. Requesters can choose from a variety of identity providers.
Disadvantages: Requires substantial investment that may only be available to very large institutions or states.
Ability to Scale: Can scale to support national identity programs.
The full papers is downloadable [Field-Guide-Internet-TrustID] Here is a link to introduction of the paper and a at the bottom of that post is a link to all the other models with descriptions. Below are links to all the different models.
Sole source, Pairwise Federation, Peer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing
[…] 1) Mesh Federations 2) Technical Federations 3) Inter-Federation […]