Abstract: A system and method of providing security for an application. A request to use an application to perform an operation using information is received from an operator by a computer system. In response to receiving the request, an operator identity assurance level of the operator and characteristics of the operation using the information are determined. An operation assurance level for the operation is determined based on the characteristics of the operation using the information. It is determined whether the operator identity assurance level of the operator satisfies the operation assurance level for the operation. The operator is allowed to use the application to perform the operation using the information in response to a determination that the operator identity assurance level of the operator satisfies the operation assurance level for the operation.

Abstract: A method for using a data model to enable authorization and communication between computers including a first computer configured to provide a service, a second computer in communication with the first computer, and a third computer in communication with one or both of the first computer and the second computer. The method includes storing the data model, wherein the data model describes nested party relationships among a first party having access to the first computer, a second party having access to the second computer, and a third party having access to the third computer, wherein the data model describes the third party as a third set of attributes specifying authorizations of the third party with respect to only the second party, the third set of attributes being nested within and dependent upon a second set of attributes specifying authorizations of the second party with respect to the first party.

Abstract: A system and method of providing security for an application. A request to use an application to perform an operation using information is received from an operator by a computer system. In response to receiving the request, an operator identity assurance level of the operator and characteristics of the operation using the information are determined. An operation assurance level for the operation is determined based on the characteristics of the operation using the information. It is determined whether the operator identity assurance level of the operator satisfies the operation assurance level for the operation. The operator is allowed to use the application to perform the operation using the information in response to a determination that the operator identity assurance level of the operator satisfies the operation assurance level for the operation.

Abstract: A method for using a data model to enable authorization and communication between computers including a first computer configured to provide a service, a second computer in communication with the first computer, and a third computer in communication with one or both of the first computer and the second computer. The method includes storing the data model, wherein the data model describes nested party relationships among a first party having access to the first computer, a second party having access to the second computer, and a third party having access to the third computer, wherein the data model describes the third party as a third set of attributes specifying authorizations of the third party with respect to only the second party, the third set of attributes being nested within and dependent upon a second set of attributes specifying authorizations of the second party with respect to the first party.