PDEC Blog

A Trust Framework is a specification that describes a set of identity proofing, security, and privacy policies.  The framework is authored by subject matter experts, and is written with the intent that compliance can be assessed. The framework also lists the qualifications that an assessor must have in order to judge compliance. A Framework Listing […]

In addition to contract terms, a Technical federation also provides a central service that acts as a clearinghouse for identity operations. It routes authentication requests from the service back to the requester’s chosen identity provider, translating protocols as needed. The existence of a central service lowers the technical and administrative costs of participating in the […]

Inter-Federation Federations When organizations are unable to communicate directly with one another because of legal limits or national boundaries, existing federations can negotiate inter-federation federations which allow members of different federations to interact with one another. Examples: REFEDS, eduGAIN, and Kalmar2 are inter-federation programs for research institutions and higher education. When to use: Institutions are […]

Four-Party Model A four-party model provides a comprehensive set of interlocking legal contracts that detail roles, responsibilities, and technical methods. In order to take part in the network, each party must agree to one of the contracts in a given framework. Identity providers specialize in providing support for particular roles. Examples: The credit card networks, […]