[WG-P3] [WG-IDAssurance] What to call a Relying Party in terms of aTrust Framework

Mark Lizar mark at smartspecies.com
Thu Mar 10 06:26:07 EST 2011


Okay, I will give this a shot, as I am just learning please be a bit  
patient with me.  :-)


 From what I understand there are four main Actor's that the  
discussion revolves around:  Identity Provider, Relying Party, Service  
Provider, Data Subject or Principle.

In Data Protection, there are Roles: Controller, Processor and  
Principle.

 From what Rainer describes, Actors can play multiple Roles when it  
comes to terms of Data Protection (representing legal requirements)

A single Identity Provider, can have a role as a controller and  
processor of identity attributes and credentials.

As such, an IdP as a controller (provides an identity to a Principle)  
The Principle inherits a privacy profile as a part of the identity,  
and the individual may also develop preferences for the use of the  
Identity that further defines this privacy profile.

The IdP, when acting as a processor (RP) should adhere to the privacy  
profile that is attached to the Identity by the IdP.  The profile is  
what administers the roles for use by actors.  In addition, for more  
advance use of these profiles more advanced privacy functionality  
needs to be integrated with the use of the profile across all actors.   
E.g. Salient Privacy Preferences, Consent Management and in-time  
Notice to modify the profile.

So for a real example imagine a big Telco - E.g. British Telecom  
(BT).  This Enterprise, has put the cable in the ground, offer phone  
and broadband services, then provides an digital Identity for use  
across all BT wireless routers so the Principle can log-in all over  
Britain.

In this simple conceptual example one company is the Service Provider,  
Identity Provider, and Relying Party.   Both the controller and the  
processor, so that one profile for the Principle is used for  
processing and controlling the identity attributes and credentials  
(which are often asked for by other utility companies or banks and  
used as credentials) used to enrol with other service providers.

Now, lets imagine a federation of telco providers. (might not be the  
best example). Enrolment for the federation is accomplished at BT and  
now the individual can go and use other teleco providers with a phone  
and use broadband services with out having a direct payment to this  
telco provider.  Now these other telco providers are relying parties  
and they take the profile provided by BT and provide services to the  
Principle.

in this way there does seem to be some sense in separating the actors  
for Identity Assurance, and then add Data Protections Roles for legal  
and privacy reasons so that there is a trust framework amongst telcos.

Thus the role of the credential use drives the terms in the Identity  
Assurance Model through profiles.


- Mark

On 10 Mar 2011, at 08:55, Rainer Hörbe wrote:

> Hmm. It is not clear to me what "roles drive terms" would be. Could  
> you provide examples?
>
> I would like to challenge the assumption that we can map all  
> identity-related terminologies into a single concept domain. As my  
> example of mapping controller to either RP, IdP, RA or subject  
> shows, there is no 1:1 relationship between data protection (DP)  
> roles and IDM actors. It puzzles me that fundamentally similar goals  
> (protecting data that is related to identities) led to quite  
> different role models in DP and IDM.
>
> - Rainer
>
>
> Am 09.03.2011 um 23:50 schrieb Richard G. WILSHER (Zygma):
>
>> I would say emphatically that the roles must drive the terms,  
>> otherwise the
>> terms are too nebulous and one cannot be specific about the  
>> consequences or
>> obligations of the entity when in that role.
>>
>> RGW
>>
>>
>> -----Original Message-----
>> From: wg-idassurance-bounces at kantarainitiative.org
>> [mailto:wg-idassurance-bounces at kantarainitiative.org] On Behalf Of  
>> Mark
>> Lizar
>> Sent: 09 March 2011 18:46
>> To: Rainer Hörbe
>> Cc: IA WG
>> Subject: Re: [WG-IDAssurance] What to call a Relying Party in terms  
>> of a Trust Framework
>>
>> Thanks Rainer,
>>
>> I think I now have a better sense of the complexity the IAWG is
>> working with. Would the roles then drive the terms ?
>>
>>
>> On 9 Mar 2011, at 17:43, Rainer Hörbe wrote:
>>
>>> Mark,
>>>
>>> The roles in the sense of DPD depend on the use case and legal
>>> positions of the parties. Also, it is important to have the role
>>> "recipient", the person who is granted access to the subject's data.
>>>
>>> In the typical SP-centric use case the RP is the controller for the
>>> data provided by its service. The IdP is controller or processor for
>>> the PII related to the identity management, depending on the role of
>>> the registration authority. The subject (= user) is the recipient.
>>> The data subject does not have a role in the basic use case.
>>>
>>> In a UMA-use case this might be different. The user is both data
>>> subject and controller, the RP is processor, IdP either controller
>>> or processor, as above.
>>>
>>> - Rainer
>>>
>>>
>>> Am 09.03.2011 um 18:04 schrieb Mark Lizar:
>>>
>>>>
>>>> Hello All,
>>>>
>>>> In the data protection world a relying party would be called a
>>>> 'Processor' an Identity Provider would be called a 'Controller'  
>>>> and a
>>>> service user would be called the 'Data Subject or Principle'.
>>>>
>>>> I think these terms map quite well.  As well.  I think there should
>>>> be
>>>> a level of Processing Assurance = eg RP assurance that certifies  
>>>> the
>>>> highest standard of data protection regulation in the jurisdictions
>>>> it
>>>> will federate.  From this point a federation contract and policy
>>>> mapping should then be entertained for higher level assessment
>>>> criteria.
>>>>
>>>> For all levels a privacy framework should entail auditing and the
>>>> passing of privacy preferences/profile to the relying party
>>>> (processor) from the Identity Provider (controller).
>>>>
>>>> My 2 cents.
>>>>
>>>> Mark
>



More information about the WG-P3 mailing list