...
- Subject Registration, which is referring for creating trust relationships between the Subject towards AM, and Subject towards Host, and vice versa.
- Host Introduction, which is referring for establishing trust relationship between Host and AM, brokered by the Subject, in order to allow Host to delegate authorization decision to AM during the data sharing process.
- Data Sharing constellations, which is referring for delegating a third-party (Requesting Party) to access web resource.
The first two phases can be consolidated in a unique and fundamental element that we call Bootstrapping Trust.
...
In the picture are represented the following delegation’s vectors:
- Vector V1 represents the delegation of the action “Access” from Authorizing User (delegator) to Requester (delegated agent).
- Vector V2 represents the delegation of the action “Authorization” from the Host (delegator) to Authorization Manager (delegated agent).
- Vector V3 represents the delegation of the action “Consent” from the Authorization Manager (delegator) to Authorizing User (delegated agent).
The degree of trust of the entire process of data sharing can be calculated as length of resulting vector from summing delegation’s vectors (V1+V2+V3):
Without direct Authorizing User Consent
V1+V2 = (2,1)+(-1,1) = (1,2)
Degree = Length (V1+V2) = 2.23
With direct Authorizing User Consent
V1+V2+V3= (2,1)(-1,1)(0,-2) = (1, 0)
Degree = Length (V1+V2+V3) = 1
Reference
[1] T3 Trust theory http://www.istc.cnr.it/T3/trust/pages/delegation.html