This is a first step toward an analytical framework that would allow us to meaningfully compare and contrast widely different solutions to given usage scenarios in the general space of web security. For a given problem, SAML-federation-based solutions might initially appear quite orthogonal to, for example, UMA-based solutions, even for the same usage scenario. Yet in ambitious ventures such as NSTIC, we need to be able to make meaningful comparisons between drastically different proposed solutions.
The initial goal here will be to define a spanning set of atomic functions that can be shown to be combinable in different ways to compose commonly discussed multi-capability services and applications. These services and applications are the typical units of analysis when a given model is being presented. The following is offered as a suggestive example.