Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

Field Guide to Internet Trust Models: Three Party Model

By 3 Comments

Three Party Model

A trusted third party provides identities to both the requester and service provider. In order to interact with one another, both must agree to trust the same identity provider.

Examples: Google, Facebook, American Express, Paypal, Amazon, iTunes App Store


 

There are two broad types of Three Party Model. If one (or both) of the parties insists on a particular identity provider, we refer to it as a Winner Take All network because other identity providers are locked out. If only technical methods are specified and the requester is free to specify any identity provider they like, we refer to it as a Bring Your Own Identity network.

When to Use: An identity provider may choose to offer a three party model when it can provide identities more efficiently than the requester or service provider can on their own. Requesters and service providers may choose to implement a three party network for access to an existing market.

Advantages: Separates identity management from the service being provided. In cases where a shared third party is available, this model simplifies the process of exchanging trusted identities. Malicious actors can be identified and isolated from the entire network. Requesters can use a single identity with many service providers, and service providers can trust requesters without having to verify each one.

Disadvantages: Because participants can only interact if they have been authenticated by a single identity provider, that provider wields substantial power. The identity provider effectively controls the requester’s ability to use services and the services’ ability to work with requesters.

For instance, a requester who loses their account with the identity provider also loses all of the services where they used that identity. If you use your Facebook to sign in to other products then you also lose those other products if your Facebook account is closed.

Ability to Scale: Very difficult to get started because a three party network is not interesting to service providers until it has users, but only attracts users if it has interesting services. Once they are established and functioning, however, a successful three party network can grow extremely large.

The full papers is downloadable [Field-Guide-Internet-TrustID] Here is a link to introduction of the paper and a at the bottom of that post is a link to all the other models with descriptions.  Below are links to all the different models.

Sole source, Pairwise FederationPeer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing

ConvertKit Form

Join to get updates from Identity Woman

Kaliya is beginning to share regular updates about her work. This will help keep you up to date with all her work.

We won't send you spam. Unsubscribe at any time. Powered by ConvertKit

Reader Interactions

Trackbacks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Mailing ListStay up to date with digital identity!

Your guide to Self-Sovereign Identity!

A comprehensive analysis of the technology, standards, projects, and companies that use blockchain for identity.

With Self Sovereign Identity, use Blockchain to enable a decentralized digital identity paradigm across the Internet.

Digital identity is an infrastructure necessary to do most everything on the Internet. Companies own the digital identities of the people that use their services. Centralized databases are a security risk for cyberattacks; not to mention the low integrity of stored data, and users have little to no control of how their data is secured.

This book will jumpstart your understanding of the industry; introduce you to the main technology, ledgers, wallets and projects; and help you understand how the pieces fit together. 

Get it now

Never see this message again