Glossary: Difference between revisions
m (53 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:00, 28 June 2018
This Glossary wiki is being used as a fairly informal way to gather and agree on terminology used in IDESG documents. It has been superseded by subsequent efforts, see the category "Glossary" at the bottom of this page.
A working group was formed in March 2016 to complete the development of the terms used in the IDEF Baseline_Functional_Requirements_v1.0 and thus needed for successful deployment of the SALS. It has been instantiated as a group within the IDESG members workspace, the "IDEF Functional Model Committee."
Terms and definitions specific to the IDESG Self-Assessment Listing Service (SALS) in 2016
These are the terms used in the IDEF Baseline_Functional_Requirements_v1.0.
This is where new terms should be added now. Note the instructions below for doing this.
Please check the existing terms in the material below.
NEED TO add all documents which need glossary definitions.
HOW TO Add or revise a term for this wiki Glossary
Terms
Add new terms here, and initiate a wiki page for the term.
New Term was created as a demonstration
Commenting or suggesting change for a Glossary term
Each of the glossary terms should have a separate page. Click on the term to visit its page.
The page for each term should have a "Comment" button. This will take you to a page where you can compose your comment.
The comments will appear on the "Discussion" page or tab which exists for each Wiki page. This appears at the top left of the wiki page, next to the "Page" tab. If there are no comments, then the "Discussion" tab will appear in red, indicating that content for the Discussion page does not yet exist.
You can be the first!
Adding a new term to the Glossary
Please use the following steps to add a new term.
Add a line in the appropriate section containing the term and definition
For now, new terms should be added to the top section.
Use the Edit button for that section to add a new term and definition (if a definition is available - otherwise, simply add the term).
You should be able to follow the examples of existing entries. Note that enclosing the term in double brackets is important, so a wiki page for the new term can be developed.
Create a wiki page for the term
Use the format of the Glossary Term Example page to create a new page for the new term.
Other wiki-based Glossary resources for Baseline_Functional_Requirements_v1.0
- IDEF Functional Model contains five terms: REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION
- IDEF Glossary is under construction as of March 2016, but may become the target source of most Glossary work
- APPENDIX_A-Defined_Terms contains the ten items included in Appendix A of the IDEF Baseline_Functional_Requirements_v1.0. The structure of this wiki page, with the terms defined in subsections, may be preferred as a model for a complete Glossary (as opposed to individual pages
There are also some individual terminology pages referenced from the Functional Requirements, such as:
- IDEF_Glossary_USERS
- IDEF_Glossary_PERSONAL_INFORMATION
- IDEF_Glossary_DIGITAL_IDENTITY_MANAGEMENT_FUNCTIONS
IDESG Committee Glossary and Dictionary Resources to be Considered
User Experience Committee
See UXC_Dictionary
Taxonomy AHG material
Other more formal work has also been developed within the IDESG, in particular by the Taxonomy Ad Hoc Group, which produced a Glossary. The Taxonomy AHG suspended its work in early 2014. Items from their work are incorporated here as a starting point.
This material has been copied from the Taxonomy AHG Glossary to avoid disturbing the excellent work of the Taxonomy AHG, while making it available in this consolidated Glossary.
Management Council approved items
The following list contains the definitions of the terms approved by the Taxonomy AHG and the IDESG Management Council.
- Attribute: A named quality or characteristic that is claimed to be inherent in or ascribed to someone or something.
- Authentication: Process of determining the validity of one or more credentials used to claim a digital identity.
- Credential: A set of data presented as evidence of a claimed digital identity.
- Digital Identity: An attribute set that can be uniquely distinguished in a given context and can be used for a digital interaction.
- Entity: A thing that exists, e.g., a person, organization, device, software application or service.
- Identifier: Attribute that can be used to distinguish a digital identity.
- Token: Something that the claimant possesses and controls that is used to authenticate the claimant’s digital identity.
Taxonomy AHG In Process Terms
The following list contains the definitions of the terms approved by the Taxonomy AHG and are in process for further approval.
- Anonymous Interaction: An interaction designed such that the data released and collected is not sufficient to infer the entity involved nor is such data sufficient to permit a relying party to associate multiple interactions with the entity.
- Pseudonymous Interaction: An interaction designed such that the data released and collected is not sufficient to infer the entity involved and for which information to permit a relying party to associate multiple interactions with the entity’s claimed identity is released.
Taxonomy AHG Proposed Terms
The following list contains proposed terms and definitions which are currently being considered by the Taxonomy AHG members. To review more details or comment on the proposed terms, please follow the link to each term's associated page. There you will be able to find information on AHG deliberations, sources related to the term, and the overall status of the approval process. There is also a comment option that will allow you to contribute to definition development.
- An entity undergoing the processes of registration, enrollment and identity proofing. See Also: Sponsor
- Name for a Non person entity (NPE) that is assigned by a name issuing authority
- A trusted entity that issues and revokes trusted information, including credentials and attribute assertion. Note: see also attribute assertion.
- A trusted entity that creates, issues, maintains and revokes trusted information, including credentials and attributes. (D'Agostino, Krum)
- An assertion made by a Claimant of the value or values of one or more Identity Attributes of a Digital Subject, typically an assertion which is disputed or in doubt.
- An assertion made by a Claimant of the value or values of one or more Identity Attributes of a Digital Subject, that has not been validated and verified. (Krum, D'Agostino)
- Entity whose identity is to be verified using an authentication protocol.
- Entity whose identity is to be verified at the identity proofing stage, or confirmed by using an authentication protocol. (Faron, Krum, D'Agostino)
- A trusted entity that issues or registers Subscriber tokens and issues electronic credentials to Subscribers. The CSP may encompass Registration Authorities (RAs) and Verifiers that it operates. A CSP may be an independent third party, or may issue credentials for its own use.
- An entity that performs identity proofing, registration and issues some form of a subscriber token within some procedural context designed to convey a degree of trust.(Wallace)
- A trusted entity that issues credentials to Subscribers.(D'Agostino)
- A set of attributes that uniquely distinguishes an entity in context.
- An entity that verifies, maintains, manages, and may create and assign identity information of other entities.
- An entity that manages identity information. Verification and creation may be done by other parties.(Wallace)
- An entity that maintains and provides identity information for entities employed or associated within a set context. (D'Agostino, Krum)
- An entity that verifies authentication and asserts one or more identifiers bound to the authenticated entity.(Fenton)
- One of multiple attributes that together identifies an entity in context.
- A software version of a hardware (physical) token.
- A physical device that the claimant possesses and controls that is used to authenticate the claimant’s identity.
- A physical device containing authorization information, that the claimant possesses and controls, that is used to authenticate the claimant’s identity. (D'Agostino, Krum)
- Name claimed by a person or organizational entity which is not verified as belonging to the entity.
- A case where the claimant chooses to actively conceal/protect portions of their identity information. (Wallace)
- A fictitios name claimed by an entity which is not verifiable as belonging to the entity. (D'Agostino)
- A ficticious name which is not verifiable as belonging to a specific entity. (Garcia)
- An entity that relies on an identity representation or claim by a requesting/asserting entity within some request context.
- An entity that authenticates a claimant and provides some service or value.(Wallace)
- An entity that requests and/or receives information about the identity of an individual or authentication assertions from another party such as an Identity Provider, Credential Service Provider (CSP), or Trusted Broker. (Sal/Krum)
- An organization that accepts assertions of identity or attributes. (Garcia)
- A human performing enrollment processes on behalf of a non-person entity.
- An entity who has received a credential from a Credential Service Provider (CSP).
- Single attribute that uniquely identifies an entity in context.
- Name whose value is verified to be the entity's legal name.
Glossary Sources - External to IDESG
Glossary extracted from "Attribute Based Access Control"
Source document available at: https://nccoe.nist.gov/sites/default/files/documents/NCCoE_ABAC_Building_Block_v2_final.pdf
File:NIST-NCCOE ABAC Building Block v2 Apr 1 2015 -- Appendix A - Glossary .pdf
File:NIST-NCCOE ABAC Building Block v2 Apr 1 2015 -- Appendix A - Glossary .docx
National Initiative for Cybersecurity Careers and Study (NICCS) Glossary
https://niccs.us-cert.gov/glossary
The NICCS Portal’s cybersecurity lexicon is intended to serve the cybersecurity communities of practice and interest for both the public and private sectors. It complements other lexicons such as the NISTIR 7298 Glossary of Key Information Security Terms.
NISTIR 7298
Source document: http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf
Stored in IDESG wiki: File:NIST.IR.7298r2.pdf
Early entries in this "Glossary" wiki page (historical)
Term | Explanation |
---|---|
IdP | Identity Provider |
RP | Relying Party |
IdEF | Identity Ecosystem Framework |
UX | User Experience |