APPENDIX A-Defined Terms
<< Back to Baseline Functional Requirements Index
APPENDIX A: Defined Terms
The material below is a partial set of defined terms, a work-in-progress gathered from the IDESG Glossary, the User Experience Committee's "UXC Dictionary wiki", and the Requirements descriptions developed by various IDESG committees.
These definitions will be harmonized as a single normative glossary in a future edition of the Requirements. In this document, they are informative but not normative, and may be considered part of the Supplemental Guidance to this Requirements set. Some meanings may vary from Requirement to Requirement based on context.
ANONYMOUS: An interaction designed such that the data collected is not sufficient to infer the identity of the USER involved nor is such data sufficient to permit an entity to associate multiple interactions with a USER or to determine patterns of behavior with a USER.
DIGITAL IDENTITY MANAGEMENT FUNCTIONS
DIGITAL IDENTITY MANAGEMENT FUNCTIONS: includes each of the functions described in the IDESG Functional Model (registration, credentialing, authentication, authorization, and intermediation), which also encompass enrollment, identity proofing, identity vetting, access control, attribute management, transaction processing, and identity data maintenance.
ENTITY / ENTITIES: Any organization providing or using identity services.
IDENTIFIERS: numbers or other non-attribute designations designed to specify individuals or sets of individuals in a system.
NONPROPRIETARY PUBLISHED FORMAT/SPECIFICATION
NONPROPRIETARY PUBLISHED FORMAT/SPECIFICATION: a known and consistent format that is published and transparent to all RELYING-PARTIES and IDENTITY-PROVIDERS in the relevant network, and is not controlled by a commercial interest.
PERSONAL INFORMATION: broadly means any information about or linked to a USER that is collected, used, transmitted, or stored in or by digital identity management functions.
PSEUDONYMOUS: An interaction designed such that the data collected is not sufficient to allow the entity to infer the USER involved but which does permit an entity to associate multiple interactions with the USER’s claimed identity.
REDRESS: When (a) an entity offers an opportunity for a party who is transacting with it to complain or ask for adjustment, if the transaction is unsatisfactory to that other party; and (b) the entity responds clearly to each request of that kind; and (c) if the request relates to the entity's failure to comply with the IDESG Baseline Requirements, the entity cures the failure to comply, or provides a remedy for the failure.
- In USABILITY statements, refers to an individual human being. This does not include machines, algorithms, or other non-human agents or actors. Equivalents and related terms may include: user-centric, user-centered, human-centered, end user, individual user, user-friendly.
- In SECURITY statements, may refer either to an individual natural person, or to an entity such as a company or agency: Various security requirements may confer opportunities, rights or remedies on a party or account which is served by a cybersecurity function, whether that account relates to a single human or to an organization.
For definitions of user, user-centric and others, see the NSTIC Strategy (page 8 and throughout) : https://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf
USER-CENTRIC: Systems, design and/or program processes that put the individual human being at the center of the activity. Equivalents and related terms may include: user, user-centered, human-centered, end user, individual user, user-friendly. For definitions of user, user-centric and others, see the NSTIC Strategy (at pages 8, 12, 15, 19, 21, 35 and 36): https://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf