U.S. flag

An official website of the United States government, Department of Justice.

Global Federated Identity and Privilege Management (GFIPM): Cryptographic Trust Model

NCJ Number
Date Published
April 2012
32 pages
Publication Series

The GFIPM Cryptographic Trust Model defines a normative schema for a GFIPM Cryptographic Trust Fabric, which is document shared among all members of a GFIPM federation. 


This document defines a normative schema for a Global Federated Identity and Privilege Management (GFIPM) Criptographic Trust Fabric, which is a document containing public key material and system entity metadata for each trusted endpoint in the federation. The target audience for this document includes managers and technical representatives of prospective GFIPM participant organizations who are planning to implement an identity provider (IDP) and/or a service provider (SP) within a GFIPM federation; it also includes vendors, contractors, and consultants who are required to establish technical interoperability with GFIPM standards as part of their project or product implementation. The spec defines a set of processes by which the GFIPM Cryptographic Trust Fabric document is created, distributed, and updated based on changes in federation membership. Additionally, the document defines a normative set of rules that all federation members must follow during intergenerational transactions to ensure that they all properly utilize the Cryptographic Trust Fabric; the normative standards are taken from SAML 2.0 and the GFIPM Metadata 2.0 spec.

Date Published: April 1, 2012