Trust Framework Actor Model

Based on the Constellations and Use Cases document, this model defines the key actors for trust federations in several constellations.

Baseline use case (matches constellation C01)

Subject

Entity whose identity can be authenticated

Synonymous with Principal in X.1252, ISO 29115. Caveat: the definition includes all trust service providers, but the use cases imply that only users (service consumers) are meant.

Relying Party

Entity that relies on identity-related claims by an asserting entity

In general use except in STORK

Identity Provider

Provider who manages identity information for Principals and provides identity-based services

Not a Kantara term; defined in X.1252 and STORK

Delegated Identity Management (constellation C10)

Attribute Provider

SP that manages and asserts attributes for Principals

CSP (Credential Service Provider)

Provider supporting the verification of identities, the issuance of identity-related tokens, and their subsequent management

RA (Registration Authority)

An entity that validates the identity and claims of applicants but does not issue or manage credentials

Note: need to consolidate C10 with this model: CSP vs. IDP, RA vs. RO

Identity Federation (extension of constellation C32)

Attribute Authority

A party whose authority to make claims is recognized by one or more relying parties

Assessor

Entity that evaluates an ETS or service provider's compliance using the Service Assessment Criteria

Auditor

Organization assessing entities and their services to establish their compliance with a policy

Federation Operator

Entity that defines standards and manages memberships and compliance with policy for its respective federation

Identity Broker

Provider that interfaces Relying Parties to a federation and aggregates federation relationships to simplify the interface for an RP

PMA (Policy Management Authority)

 

 

Trust Anchor

The cryptographic service that serves as the top-most authority and is agreed upon outside of the technical trust protocol

Underwriter

Insurance company that underwrites a specific risk of a trust service provider to cover its liability

User centric model (constellation C21)

Pending