Trust is typically interpreted as a subjective belief in the reliability， honesty and  security  of an entity on which we depend （  ）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to  policy . A consequence of this is that a trust component of a system must work correctly in order   for the security of that system to hold, meaning that when a trusted（  ）fails , then the sytems and applications that depend on  it can（  ）be considered secure . An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed  policy in order to ensure the expected level of securty and quality of services . A paradoxical   conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least   reliable or least secure of all the trusted components. We cannot avoid using trusted security  components,but the fewer the better. This is important to understand when designing the  identity management architectures,that is, fewer the trusted parties in an identity management     model , stronger the security that can be achieved by it .