Guardian: Difference between revisions
Jump to navigation
Jump to search
Line 6: | Line 6: | ||
===Related Terms=== | ===Related Terms=== | ||
* Delegate - where the guardian is identified independently of the subject (aka acts in openID) | * Delegate - where the guardian is identified independently of the subject (aka acts in openID) | ||
* Impersonation - where the guardian takes on the identity of the subject (supposedly this is illegal in openID) | * Impersonation - where the guardian takes on the identity of the subject (supposedly this is illegal in openID, but it is very hard to detect.) | ||
* Agent - where the guardian is some other process. While this is like delegation, typically the agent is only identified in the transport protocol and not in the application. | * Agent - where the guardian is some other process. While this is like delegation, typically the agent is only identified in the transport protocol and not in the application. | ||
* Client - in the sense that the [[Subject]] has delegated some limited authority to the client who can then access only to those subject's assets granted by the subject. | * Client - in the sense that the [[Subject]] has delegated some limited authority to the client who can then access only to those subject's assets granted by the subject. |
Revision as of 17:56, 26 December 2019
Full Title or Meme
Guardians are recognized by sovereign governments as Authorized to take actions to protect people or property that cannot be left to themselves or their owners to protect.
Context
In the context of identity management the guardian accepts responsibility for an Identifier or User Private Information that is owned by some Subject.
Related Terms
- Delegate - where the guardian is identified independently of the subject (aka acts in openID)
- Impersonation - where the guardian takes on the identity of the subject (supposedly this is illegal in openID, but it is very hard to detect.)
- Agent - where the guardian is some other process. While this is like delegation, typically the agent is only identified in the transport protocol and not in the application.
- Client - in the sense that the Subject has delegated some limited authority to the client who can then access only to those subject's assets granted by the subject.