[WG-P3] [WG-IDAssurance] Trust Federation Frameworks and Assurance Metrics

j stollman stollman.j at gmail.com
Sun May 15 09:58:20 EDT 2011


In the off chance that I have not previously sent this to you (or others on
the list), my alternative model is covered on slides 49-68.  I have already
incorporated Charles' suggestion of "context" versus "environment."


On Sun, May 15, 2011 at 9:45 AM, Rainer Hörbe <rainer at hoerbe.at> wrote:

> On 15.05.2011 at 14:09, j stollman wrote:
>
>> It is for this reason, that I continue to focus on the alternative model
>> for Trust Frameworks that I proposed back in March.  The current model is
>> based on roles.  I proposed a model based on trust relationships.
>> Ultimately, I am just transposing rows and columns in a matrix of roles
>> versus trust relationships.  I contend that there is a fixed and manageable
>> number of trust vectors that exist between any two parties -- regardless of
>> their role.  (Though, I also agree that the weighting will change depending
>> on the role of the party or the environment of the transaction.  I.e.,
>> though I trust my best friend to look out for my interests, I may not trust
>> him to do so if his life is being threatened.)
>
> The TFMM shall accommodate that view. I believe that a single hierarchy
> won't be sufficient to provide a structure for all needs. If you look at
> the detailed TFMM topic map <http://kantarainitiative.org/confluence/display/TFMMWG/TFM+Topic+Map> you
> will see multiple actor models included. The same can be done with trust
> relationships.
>
>> In my previous proposal I suggested that there need to be at least four
>> trust relationships:  Identity, Terms, Subsidiary Rights, and Enforcement.
>> Based on this thread, I have added Environment to include both session
>> integrity as well as such factors as having one's actions compromised
>> by threats or pressure.
>
> AFAIK we defined trust relationships by their parties (asserting/relying
> actor) so far. The segmentation into identity, terms etc. is new to me. Did
> you write about this already?
>
>> In this model, all transactions are 1:1.  A particular transaction (e.g.,
>> buying a widget from an online vendor) may require multiple 1:1 component
>> transactions (between subject and vendor, between subject and credit card
>> company, between credit card company and vendor, etc.).  Each transaction
>> still has the same complexity (i.e. number of cells in the matrix).  But
>> each transaction can be evaluated using the same criteria (though the
>> weightings applied may well change for each role pairing).  The
>> simplification this model brings is that only five scores need to be created
>> that can then be re-weighted as needed for each component transaction.
>
> Hmm, not sure I really understand this deconstruction. Any kind of
> transitive trust (like RP -> IdP -> Subscriber -> User; RP -> Attribute
> Provider -> Attribute Authority; RP -> FO -> Trust Anchor) cannot be mapped
> into separate 1:1 relationships, as the dependency remains.
>
>> Jeff

Jeff Stollman
stollman.j at gmail.com
1 202.683.8699
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Elements of a Trust Framework v4.ppt
Type: application/vnd.ms-powerpoint
Size: 2106368 bytes
Desc: not available
Url : http://kantarainitiative.org/pipermail/wg-p3/attachments/20110515/7b33a992/attachment-0001.ppt 
