Two institutions want to trust identities issued by one another, but there is no outside governance or policy framework for them to do so. They negotiate a specific agreement that covers only the two of them. Each institution trusts the other to properly manage the identities that it issues. Examples: A pairwise agreement can specify […]
PDEC Blog
PDEC's posts
Send ideas for posts to info@pde.cc. Guest authors welcome. We love to announce events with notice and to review new personal data designs and products.
Three Party Model
22 October 2013 by
Three Party Model A trusted third party provides identities to both the requester and service provider. In order to interact with one another, both must agree to trust the same identity provider. Examples: Google, Facebook, American Express, Paypal, Amazon, iTunes App Store There are two broad types of Three Party Model. If one (or […]
Bring Your Own Identity
22 October 2013 by
A special case of the three party model where the service provider specifies the technical methods that it will accept, but allows the requester to choose any identity service they like. The service provider does not set details for identity verification or authentication and simply assumes that the requester has chosen one that’s good enough […]
Winner Take All
22 October 2013 by
“Winner Take All” Three Party Model A special case of the three party model where the service provider wants to allow the requester to use an existing identity, but only accepts authentication from a defined set of providers. Participants sign an agreement with the identity provider, which also allows them to talk to one another. […]