Global Trust Framework Survey
Abstract
As a key deliverable of the BCTF Work Group this document shall provide a comprehensive overview of Trust Framework implementation whether as pilot projects or in operation.
Editors
Rainer Hörbe
Intellectual Property Notice
The BCTF Discussion Group operates under Creative Commons Share-Alike Attribution IPR Option and the publication of this document is governed by the policies outlined in this option.
Data Collection and Distribution
Data is collected from the sources mentioned below and from polls in the IDM community. There might be a bias towards education and public sector federations, as those tend to publicize their achievements more openly. Also federations of the WebSSO-class might be preferred due to their better visibility to users. A study to make data more representative would be needed and volunteers are wanted. E.g. WS-Trust seems to be under-represented and segregation between enterprise and federation use is not easy to achieve from some variables.
Analysis
# of Federations: Breakdown by Industry
 | Comment: The highest number of federations is in the public sector, followed by research and higher education. Industry (ICT, Finance, Transport) have a smaller share. |
# of Federations: Breakdown by Technical Protocol
# of Federations: Distribution by User Type
Top 5 Federations in 4 Categories: IDP, RP, Transactions and Users
Project Name | Description | Geog. scope | Industry | IDPs | RPs | Transactions [m/year] | Users [m| |
UK Access Management Federation | NREN | UK | R&E | 900 | 236 |
| 3 |
InCommon | NREN | US | R&E | 274 | 958 |
| 5 |
AAI@EduHr | NREN | HR | R&E | 222 | 100 | 100 | 0,7 |
FEIDE/Uninett | NREN | NO | R&E | 202 | 150 | 6 | 0,7 |
WAYF/Forskningsnettet | NREN | DK | R&E | 130 | 110 | 5,5 |
|
|
|
|
|
|
|
|
|
IGTF | Grid computing | global | Science | 86 | 2500 |
|
|
InCommon | NREN | US | R&E | 274 | 958 |
|
|
SWITCHaai | NREN | CH | R&E | 47 | 581 |
|
|
UK Access Management Fed. | NREN | UK | R&E | 900 | 236 |
|
|
Portalverbund | G2G | AT | Public | 50 | 204 |
|
|
| |
|
|
|
|
|
|
NETS | Payment | nordic | Fin |
|
| 500 | 7 |
Certipath | Supply Chain | global | Man | 20 | 100 | 400 | 2 |
BankID | B2C, G2C | SE | Pub |
|
| 400 | 3,5 |
AAI@EduHr | NREN | HR | R&E | 222 | 100 | 100 | 0,7 |
SWITCHaai | NREN | CH | R&E | 47 | 581 | 15 | 0,3 |
|
|
|
|
|
|
|
|
Mobile Phone Network | Mobile phones | global | ICT |
|
|
| 1600 |
Google-Yahoo-Facebk | Social logins | global | ICT | 3 |
|
| 1500 |
Rakuten | eCommerce | JP | Trade | 1 |
|
| 62 |
JAL | Travel | JP | Trans | 1 |
|
| 15 |
PIV | G2G | US | Pub |
|
|
| 8 |
Legend
ISIC: UN industry classification
Status: pilot, prod(uction), research. This survey has a focus on trust frameworks in production
Service Type: PA: Authentication (physical acess), LA: Authentication (logical acess), AT: Attributes, DS: Digital signature, DA: Delegated Authorization, E: Encryption
Trust Federation Constellations:
C20 (SP-centric)
C23 (central SP=IDP)
C30 (Intra-organizational IDM)
C31 (Ruling Party IDM)
C32 (Identity Federation)
C33 (Cross-Boder Federation)
C50 (Enterprise Federation)
Cxx 4-Corner Model
End User Class: B= Business, C=Consumer/Citizen, D=Device
Trust Federation Project Overview
Project Name | Description | Country | ISIC (Industry Classification) Computed | Status | since | #Relying Party | #Registered Users [m] | Service Type (summary) | C20 (SP-centric) | C23 (central SP=IDP) | C30 (Intra-organizational IDM) | C31 (Ruling Party IDM) | C32 (Identity Federation) | C33 (Cross-Boder Federation) | C50 (Enterprise Federation) | C35 4-Corner Model | End User Class | Technial Protocols |
Air Canada | Companies in the Air Canada Group | CA | H (Trans) | prod |
|
|
| LA |
|
| x |
|
|
|
|
| B | SAML |
Can. Banking Fed. | B2B-federtion of leading banks (clearing) | CA | K (Fin) | prod |
|
|
|
|
|
|
|
| x |
|
|
| B | SAML |
Canadian Access Federation CAF | NREN Federation Canada | CA | M/P (R&E) | prod |
| 14 | 1 | LA |
|
|
|
| x |
|
|
| B | SAML |
Cyber AuthN Renewal | G2B, G2C (Federal) |