Pattern 2: Local only, Simple Broker

Pattern Description

This is a variation on pattern 1 that adds a simple broker to establish system-to-system trust between the Client System and the Resource Provider. It does not fundamentally change the approach to user-level access control used in pattern 1.


Advantages

  • Provides a single mechanism for establishing system-to-system trust between sharing systems – backed by a light-weight national assurance process to make use of the national PKI.
  • Can be built to specifically address local needs and evolve independently of any other wider requirements outside the local area.
  • All aspects of access control managed and handled locally.


Disadvantages

  • Only provides the mechanism for sharing within a local area – expanding to other areas would require a move to another pattern (e.g. federated identities).
  • Does not provide a way of accessing national data or services – these would therefore require a second mechanism (probably requiring the user to log in again).