Overview#Closed-Loop Authentication is when the same party that provided Credential Enrollment provides the Authentication.
Today, most web Authentication is Closed-Loop Authentication, including:
- traditional two-party authentication with username and password
- third-party login where a Relying Party redirects the browser to an Identity Provider (IDP) who authenticates the user and redirects the browser back to the Relying Party, asserting the user's identity
In third-party Closed-Loop Authentication, the credential authority is an Identity Provider (IDP), which asserts the user attributes to a Relying Party only after verifying possession of the credential by the device. In two-party authentication, there is only one party besides the user’s device, so two-party authentication can only be closed-loop authentication.
More Information#There might be more information for this subject on one of the following:
- [#1] - http://pomcor.com/2013/04/03/closed-loop-vs-open-loop-authentication/ - Retrieved 2013-04-10