1. What should be included to make the decisions? What can they do or have? What is The Trust Network? What does it do? 1Resilient Network Systems All Rights Reserved A peer-to-peer platform for automating context-aware decisions about identity, access, and privilege with minimal exchange of sensitive identity data Evaluates and enforces each parties policies for trusted interactions between users, applications and services to enable new, secure processes. Who is requesting access

2. policies identity attributes/claims users Access Server: Defines and enforces policies to publish data, applications, services, and things Privacy Services: Transform data, policies, and application logic into opaque tokens applications Trust Broker: Evaluates policies; routes and verifies requests with trust services The Trust Network Platform Resilient Network Systems All Rights Reserved 2 Identity Broker: Correlates, verifies, Disambiguates, and authenticates the identities of people privacy services data 3. The Trust Network Multiple Delivery Vehicles 3Resilient Network Systems All Rights Reserved o Leverage private Trust Networks to improve intra-organizational information sharing o Connect to the Public Trust Network for Trust Services, etc. via either: On-premise implementation by Relying Party or Attribute Provider of TN Access Server Or Cloud-based Trust Network as a Service (TNaaS) 4. Simple, Agile, Horizontal, Secure, and Affordable 4Resilient Network Systems All Rights Reserved Policy-driven controls without the need for each application to instantiate them technically Policy updates are immediately reflected across all protected data sources and applications Policies remain intrinsic to the web publication (i.e. XML document) irrespective of application changes Enhancement of individual privacy (parameter obfuscation) while meeting access control requirements Efficient verification of facts for credentials based on networked authoritative sources