• Skip to primary navigation
  • Skip to main content

Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

  • About
  • Services
  • Media Coverage
  • Podcast
  • Blog
  • Contact
  • Show Search
Hide Search

Field Guide to Internet Trust Models: The Sole Source

Kaliya Young · November 30, 2014 · 8 Comments

Sole Source

A Sole Source is an organization that acts as identity provider (IdP) and relying party (RP) for itself. This organization issues all identities that it recognizes, and only trusts identities that it has issued.
An organization like this does not federate identities at all. Because it does not connect to anything else, this model is sometimes referred to as a Silo, an Identity Island, or a Standalone Domain. The service provider performs its own verification and dictates governance, privacy, and technical terms to all participants.
There is minimal – if any – negotiation between the requester and the service provider. The service provider manages the entire account lifecycle from creation through retirement.
Examples
Historically, this has been the most common identity model because it can be implemented simply and gives the service provider the most control. Large, consumer-facing services like eBay, Facebook, and Yahoo! were created with sole source identity, although many are adopting newer models as internet technology has evolves. Internal corporate services are often sole source, and only accept identities issued by the organization.
The Sole Source identity model
Financial services, and health insurance, are likely to remain sole source identity providers until a strong, multifactor identity gains momentum with consumers and liability questions are settled. There have been several attempts to do this, but none has yet achieved critical mass.
Being a sole source provider does not guarantee account security, as end users may simply give their account login and password to a third party. Tricking users into giving up account information is a common tactic used by “phishing” sites and other criminals, but legitimate services like Mint.com (a US-based financial service provider) also ask for credentials in order to combine information from sites that do not provide APIs.
When to Use
A service that maintains particularly confidential information or valuable assets, or that operates in an uncertain environment. If proper operation and risk management requires a high level of assurance, then consider being a sole source.
Advantages
The service provider can authenticate requesters to whatever level of assurance it desires before issuing an identity and does not depend upon third parties.
Disadvantages
The service provider bears the full management cost of the identity life cycle. The requirement to create a new identity may discourage potential users of the service. The service must provide a product attractive enough to justify asking the requester to create and manage a new account.
Ability To Scale
When the service provider does not need to integrate with any other services or when it is in a position to dictate terms, a sole source trust model can scale to very large systems. The requirement to create and remember new identity can be a barrier to growing the number of active users.


The full papers is downloadable [Field-Guide-Internet-TrustID] Here is a link to introduction of the paper and a at the bottom of that post is a link to all the other models with descriptions.  Below are links to all the different models.

Sole source, Pairwise Federation,  Peer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing

Internet Trust Models, My Papers, Trust Framework

ConvertKit Form

Join to get updates from Identity Woman

Kaliya is beginning to share regular updates about her work. This will help keep you up to date with all her work.

Success! Now check your email to confirm your subscription.

There was an error submitting your subscription. Please try again.

We won't send you spam. Unsubscribe at any time. Powered by ConvertKit

Reader Interactions

Trackbacks

  1. Field Guide to Internet Trust Models: Introduction says:
    November 30, 2014 at 9:14 pm

    […] Sole source: A service provider only trusts identities that it has issued. […]

    Reply
  2. Field Guide to Internet Trust Models: Peer-to-Peer Trust and Identity says:
    November 30, 2014 at 9:20 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply
  3. Field Guide to Internet Trust Models: Open Trust Frameworks says:
    November 30, 2014 at 9:24 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply
  4. Field Guide to Internet Trust Models: Technical Federation says:
    November 30, 2014 at 9:33 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply
  5. Field Guide to Internet Trust Models: Federations says:
    November 30, 2014 at 9:36 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply
  6. Field Guide to Internet Trust Models: Three Party Model says:
    November 30, 2014 at 9:37 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply
  7. Field Guide to Internet Trust Models: Centralized Token Issuance, Distributed Enrollment says:
    November 30, 2014 at 9:39 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply
  8. Field Guide to Internet Trust Models: Pairwise Agreement says:
    November 30, 2014 at 9:46 pm

    […] Sole source, Pairwise Federation,  Peer-to-Peer, […]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

     Copyright © 2023 Identity Woman  evelurie.com/web design/develop     

  • Terms of Use
  • Privacy Policy
  • Sitemap
  • Contact