Field Guide

Individual Contract Wrappers When providing information to a service, the requester also provides terms for how that information can be used.  Service providers agree to honor those terms in exchange for access to the data, and compliance is enforced through contract law. Terms might include an expiration date, limits on whether the data can be […]

A Trust Framework is a specification that describes a set of identity proofing, security, and privacy policies.  The framework is authored by subject matter experts, and is written with the intent that compliance can be assessed. The framework also lists the qualifications that an assessor must have in order to judge compliance. A Framework Listing […]

In addition to contract terms, a Technical federation also provides a central service that acts as a clearinghouse for identity operations. It routes authentication requests from the service back to the requester’s chosen identity provider, translating protocols as needed. The existence of a central service lowers the technical and administrative costs of participating in the […]

Inter-Federation Federations When organizations are unable to communicate directly with one another because of legal limits or national boundaries, existing federations can negotiate inter-federation federations which allow members of different federations to interact with one another. Examples: REFEDS, eduGAIN, and Kalmar2 are inter-federation programs for research institutions and higher education. When to use: Institutions are […]