From Domain-Based Identity Management Systems to Open Identity Management Models
One of the main reasons is the problem of establishing trust relationships between independent parties—a problem inherent to open environments with multiple trust domains. In open environments, participants often do not know each other, but nevertheless require an existing trust relationship to perform critical transactions. Governments, commercial organizations, and academia alike have addressed this issue by providing better assurance guidelines for identity management. The outcome is a number of identity assurance frameworks that identify and cluster certain security criteria into levels of trust or levels of assurance (LoA). These approaches are described, compared, and assessed with regard to their role towards a reliable identity management across the Internet. Limitations are identified and trust levels for attributes are proposed as potential fields for further research.