April 3, 2013
Peter Alterman

Peter Alterman, PhD., Chief Operating Officer, SAFE Bio-Pharma Association

The eCommerce and eGov Services cyber-world currently uses two models for secure trusted transactions. One, the credential model, presumes a user with one or more credentials of various degrees of trustworthiness using an appropriate credential to log on to a web, telnet, or online app. In the social media world, it’s the Google or Facebook userID/password pair. In the eGov world, it’s the SAFE-BioPharma-compliant digital certificate. The online app (or its proxy) receives the credential, validates it, and then grants the user access.

The other, the transaction model, looks pretty much the same to the user: the user logs on to the app, but instead of validating the credential, the app starts a series of tests and challenges. Banks tend to use other, more robust methods to ensure that users logging on to their portals are who they claim to be. Credential? They hardly need one, and they certainly don’t rely much on the trustworthiness of the actual credential.

It’s worth looking at how trust is determined in each model. In the credential model, the credential carries the trust, and its trustworthiness comes from the credential issuer. In the transaction model, the extent to which users are deemed to be who they say they are depends on factors and tests that the application applies. In other words, the app makes the decision.

The credential model allows the trust and data contained in the credential to be used by many apps at many sites. The transaction model allows each app to determine trust and reliability each time the user goes to a different app.

In the credential model, the cost of assigning trust and aggregating attributes is borne by the issuer, once (and passed along to one customer or another). In the transaction model, the cost is borne repeatedly by each app. Finally, in the credential model, all the apps must trust the credential issuer as much as or more than the credential user, while in the transaction model the app must be responsible for that trust by creating and managing its own trust architecture.
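The contrast drawn above, rendered as a toy relying party in code. This is an added example, not code from the post’s author or from SAFE-BioPharma: the credential format, the HMAC-based issuer "signature" (a stand-in for a real PKI signature), the issuer trust store, and the risk factors and thresholds are all assumptions made for illustration. It shows the point the post makes about where trust lives: in the credential model the relying party verifies the issuer’s signature and accepts the issuer’s assurance claim, capped by how much it trusts that issuer; in the transaction model the app ignores the credential’s trustworthiness and applies its own tests to every session.

```python
"""Toy relying party contrasting the credential model and the transaction model.

Added example for illustration only. Issuer keys, assurance levels, the
HMAC-based 'signature' (standing in for a CA-issued certificate signature),
and the risk-scoring rules are constructed assumptions, not any real scheme.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass

# --- Credential model ------------------------------------------------------
# The issuer vouches for identity and assurance level; the relying party (RP)
# decides only whether it trusts that issuer and how far.

# Constructed issuer keys; a real RP would hold CA public keys instead.
ISSUER_KEYS = {
    "issuer-hi": b"constructed-secret-hi",
    "issuer-lo": b"constructed-secret-lo",
}
# The RP caps the assurance it will derive from each issuer: it can never
# trust a credential more than it trusts the issuer that signed it.
ISSUER_MAX_ASSURANCE = {"issuer-hi": 3, "issuer-lo": 1}


def issue_credential(issuer: str, subject: str, assurance: int) -> dict:
    """Issuer side: bind subject and assurance level, then 'sign' the payload."""
    payload = {"issuer": issuer, "subject": subject, "assurance": assurance}
    canon = json.dumps(payload, sort_keys=True).encode()
    payload["sig"] = hmac.new(ISSUER_KEYS[issuer], canon, hashlib.sha256).hexdigest()
    return payload


def validate_credential(cred: dict, required_assurance: int) -> tuple:
    """RP side under the credential model: verify the signature, then accept
    the issuer's assurance claim capped by the RP's trust in that issuer.
    No per-transaction tests are run; the issuer did that work once."""
    issuer = cred.get("issuer")
    key = ISSUER_KEYS.get(issuer)
    if key is None:
        return False, "unknown issuer"
    body = {k: v for k, v in cred.items() if k != "sig"}
    canon = json.dumps(body, sort_keys=True).encode()
    expected = hmac.new(key, canon, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred.get("sig", "")):
        return False, "bad signature"
    granted = min(cred["assurance"], ISSUER_MAX_ASSURANCE[issuer])
    if granted < required_assurance:
        return False, f"assurance {granted} below required {required_assurance}"
    return True, "accepted on issuer's word"


# --- Transaction model -----------------------------------------------------
# The credential (here just a username) is barely consulted; the app applies
# its own tests to the session and decides. Every app repeats this work.

@dataclass
class Session:
    user: str
    device_known: bool
    country: str
    home_country: str
    logins_last_hour: int
    amount: float = 0.0


def risk_score(s: Session) -> int:
    """Constructed scoring rules; a real bank would use far richer signals."""
    score = 0
    if not s.device_known:
        score += 40
    if s.country != s.home_country:
        score += 30
    if s.logins_last_hour > 5:
        score += 20
    if s.amount > 10_000:
        score += 30
    return score


def transaction_decision(s: Session) -> str:
    """Map the app's own risk score to allow / step-up challenge / deny."""
    score = risk_score(s)
    if score >= 70:
        return "deny"
    if score >= 30:
        return "challenge"  # e.g. an out-of-band code; the app owns this logic
    return "allow"


if __name__ == "__main__":
    hi = issue_credential("issuer-hi", "alice", 3)
    lo = issue_credential("issuer-lo", "bob", 3)  # low-trust issuer claims level 3
    print(validate_credential(hi, 3))   # (True, "accepted on issuer's word")
    print(validate_credential(lo, 3))   # capped to 1 by the RP's trust in issuer-lo
    print(transaction_decision(Session("carol", True, "US", "US", 1)))    # allow
    print(transaction_decision(Session("carol", False, "US", "US", 1)))   # challenge
    print(transaction_decision(Session("carol", False, "FR", "US", 1)))   # deny
```

The second credential check is the point of the post’s cost argument: the relying party never has to evaluate the user, only the issuer, and a low-trust issuer cannot inflate assurance by simply asserting a higher level. The transaction-model functions, by contrast, carry all the evaluation logic inside the app, which is exactly the trust architecture each app must build and maintain for itself.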

At some point, the app owner needs to make an informed decision on where to spend scarce resources: running a trust infrastructure for each online app, or trusting credentials that carry high assurance everywhere. Unless what’s in the app can threaten world destruction, the answer for the business should be clear. A dollar or euro saved in the trust phase is free money.
