Liberty Alliance Architecture

The Liberty Alliance 1.1 specification has two main components: the Liberty identity provider (Liberty IDP) and the identity consumer, referred to as a Liberty service provider (SP).

A Liberty IDP is the central credential store for a user's identity information, and it is the heart of the user's identity federations, or account linkage information. The Liberty IDP also serves as the authentication authority, which is viewed as a trusted identity store by the Liberty SPs.

Liberty SPs are the Web sites that the user wants to connect to.

A "circle of trust" is formed between Liberty IDPs and SPs to provide the user a secure infrastructure for controlling his or her identity information, and to facilitate Web single sign-on.