Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

Field Guide to Internet Trust Models: Winner Take All

By 5 Comments

3Party

“Winner Take All” Three Party Model

A special case of the three party model where the service provider wants to allow the requester to use an existing identity, but only accepts authentication from a defined set of providers. Participants sign an agreement with the identity provider, which also allows them to talk to one another.

Examples: Apple completely controls the channel between app vendors and iPhone users, deciding which applications are available and which users are allowed to use them. Spotify and Zynga games depend upon Facebook for authentication.

When to Use: The service provider wants to take part in a large, established channel, or requires a high level of assurance.

Advantages: The requester can use an existing identity, which lowers the amount of effort required to use a new service. The service provider gets access to the users of an identity network without having to manage the accounts itself. Some identity providers offer higher security than the service could practically provide on its own.

Large three-party model identity providers like Facebook, Google, and PayPal dedicate substantial resources to security.

Disadvantages: Because participants can only interact if they have been authenticated by a single identity provider, that provider wields substantial power. The identity provider effectively controls the requester’s ability to use other company’s products. For instance, a requester who loses their account with the identity provider also loses all of the services where they used that identity. If you use your Facebook to sign in to other products then you also lose those other products if your Facebook account is closed.

Conversely, a service provider that depends on a single third party identity provider leaves themselves open to the third party deciding to change its terms.

Ability to Scale: Difficult to get started because it is only interesting to service providers when it has consumers, but only interesting to consumers if it can offer interesting services. Once they are established and functioning, however, a successful identity provider can build a very large network.

The full papers is downloadable [Field-Guide-Internet-TrustID] Here is a link to introduction of the paper and a at the bottom of that post is a link to all the other models with descriptions.  Below are links to all the different models.

Sole source, Pairwise FederationPeer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing
 

ConvertKit Form

Join to get updates from Identity Woman

Kaliya is beginning to share regular updates about her work. This will help keep you up to date with all her work.

We won't send you spam. Unsubscribe at any time. Powered by ConvertKit

Reader Interactions

Trackbacks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Mailing ListStay up to date with digital identity!

Your guide to Self-Sovereign Identity!

A comprehensive analysis of the technology, standards, projects, and companies that use blockchain for identity.

With Self Sovereign Identity, use Blockchain to enable a decentralized digital identity paradigm across the Internet.

Digital identity is an infrastructure necessary to do most everything on the Internet. Companies own the digital identities of the people that use their services. Centralized databases are a security risk for cyberattacks; not to mention the low integrity of stored data, and users have little to no control of how their data is secured.

This book will jumpstart your understanding of the industry; introduce you to the main technology, ledgers, wallets and projects; and help you understand how the pieces fit together. 

Get it now

Never see this message again