5.3. Combinations
One variation of the Background-Check Model is where the Relying Party and the Verifier are on the same machine, performing both functions together. In this case, there is no need for a protocol between the two.
It is also worth pointing out that the choice of model depends on the use case and that different Relying Parties may use different topological patterns.
The same device may need to create Evidence for different Relying Parties and/or different use cases. For instance, it would use one model to provide Evidence to a network infrastructure device to gain access to the network and the other model to provide Evidence to a server holding confidential data to gain access to that data. As such, both models may simultaneously be in use by the same device.
Figure 7 shows another example of a combination where Relying Party 1 uses the Passport Model, whereas Relying Party 2 uses an extension of the Background-Check Model. Specifically, in addition to the basic functionality shown in Figure 6, Relying Party 2 actually provides the Attestation Result back to the Attester, allowing the Attester to use it with other Relying Parties. This is the model that the TAM plans to support in the TEEP architecture [TEEP-ARCH].
      .-------------.
      |             | Compare Evidence
      |   Verifier  | against appraisal policy
      |             |
      '--------+----'
           ^   |
  Evidence |   | Attestation
           |   | Result
           |   v
      .----+--------.
      |             | Compare
      |   Relying   | Attestation Result
      |   Party 2   | against appraisal policy
      '--------+----'
           ^   |
  Evidence |   | Attestation
           |   | Result
           |   v
      .----+--------.               .-------------.
      |             +-------------->|             | Compare Attestation
      |   Attester  |  Attestation  |   Relying   | Result against
      |             |     Result    |   Party 1   | appraisal policy
      '-------------'               '-------------'
Figure 7: Combination Model
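
The message flow of Figure 7, as an added sketch that is not part of the original document: Relying Party 2 obtains an Attestation Result from the Verifier, hands it back to the Attester, and Relying Party 1 later appraises that same result. Assumptions: all function names, the key, the nonce, the reference value and the 300-second validity window are constructed; an HMAC stands in for the Verifier's signature (a real deployment would use an asymmetric key so that a Relying Party cannot mint results), and Evidence signing is omitted.

```python
import hashlib
import hmac
import json

# Constructed values for this sketch only.
VERIFIER_KEY = b"constructed-verifier-key"
REFERENCE_VALUES = {hashlib.sha256(b"firmware-v2").hexdigest()}

def make_evidence(firmware, nonce):
    """Attester: a measurement claim bound to the Relying Party's nonce."""
    return {"measurement": hashlib.sha256(firmware).hexdigest(), "nonce": nonce}

def _mac(body):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(VERIFIER_KEY, msg, hashlib.sha256).hexdigest()

def verifier_appraise(evidence, now):
    """Verifier: compare Evidence against appraisal policy, protect the result."""
    body = {"trusted": evidence["measurement"] in REFERENCE_VALUES,
            "nonce": evidence["nonce"], "expires": now + 300}
    return {"body": body, "mac": _mac(body)}

def rp_appraise(result, now, nonce=None):
    """Relying Party: authenticate the result, then apply its own policy."""
    if not hmac.compare_digest(result["mac"], _mac(result["body"])):
        return False                      # not issued by the Verifier
    body = result["body"]
    if nonce is not None and body["nonce"] != nonce:
        return False                      # not the exchange this party started
    return body["trusted"] and now < body["expires"]

def combination_flow(firmware, now):
    nonce = "rp2-nonce-0001"                   # constructed
    evidence = make_evidence(firmware, nonce)  # Attester -> Relying Party 2
    result = verifier_appraise(evidence, now)  # RP 2 -> Verifier -> RP 2
    rp2_ok = rp_appraise(result, now, nonce)   # RP 2 checks its own nonce
    # RP 2 returns the result to the Attester, which presents it to RP 1
    # a minute later. RP 1 issued no nonce, so it relies on the expiry time.
    rp1_ok = rp_appraise(result, now + 60)
    return rp2_ok, rp1_ok, result

if __name__ == "__main__":
    print(combination_flow(b"firmware-v2", 1_000_000.0)[:2])
```

Relying Party 1 never sees the Evidence or the nonce exchange, so in this sketch the only freshness signal available to it is the validity window the Verifier wrote into the result.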