This As the NSTIC work program evolves, we can expect to see multiple proposed solutions put forward that promise to deliver a new generation of online services. To the extent that the various solutions are competing for adoption, it will be necessary to evaluate them against each other for relative costs and benefits. Such comparisons will be quite challenging because proposed solutions will be built on disparate and seemingly incommensurable models (architectures, protocol stacks).
What follows is intended as a first step toward an analytical framework that would allow us to meaningfully compare and contrast widely different solutions to given usage scenarios in the general space of web security. To take an example a SAML-based solution to a given problem might initially appear quite orthogonal to UMA-based solution to the same problem. Yet in ambitious ventures such as NSTIC that aim to facilitate a new generation of online services, meaningful comparisons between drastically different and seemly incommensurable proposed solutions will be a common needfor the reasons cited above it will be important to be able to evaluate and compare one against the other.
A prerequisite step will be to define a spanning set of atomic functions (technology and protocol-agnostic to the degree possible) that can be shown to be composable in different ways that correspond to familiar protocol-based solution families.
...