IdM Definitions
Identity Vetting: The processes, policies and procedures defined to
verify at some level that a person is who they claim to be. This could
include in-person presentation of identity breeder documents such as
government-issued picture credentials, certificates of birth or
citizenship, etc.
Digital Credentials: Information, generally stored electronically in
computer systems, that is used to validate a person or other system.
Examples range from shared security secrets (userid and password) to
asymmetric cryptography information (X.509 public key).
Credential Linking: The processes used to deliver a digital credential
to a person or system and associate it with them. This is usually the
weakest part of the security related to shared authentication technology.
Authentication: The act of presenting and verifying digital credentials
to a computer system for the purpose of access. An example would be the
act of logging in to an electronic mail service.
Authorization: The process of determining and thereby granting or
denying access to a computer, system or electronic resource given that
the requesting entity can be identified.
Provisioning: The process of loading, linking or associating digital
credentials in a computer system for the purpose of providing services
beyond authentication. Example: File systems require that access be
granted to a digital credential and therefore the system must be
configured to allow a credential access to specific files or folders.
Deprovisioning: The act of removing credentials from a computer
system. This is generally a cleanup process after access by a
credential has been removed.
