Assurance Glossary of Terms
| Defined Term | Brief summary description |
|---|---|
| Address of Record | A means of contacting the Subject. |
| | Structured data objects containing Identity information and other relevant data. Sometimes called Identity Assertions. |
| Attributes | Elements of an Identity. |
| Attribute Service | Provides Subject Attributes in response to queries from SPs. |
| Authentication Secret | Used generically for passwords, passphrases, PINs, symmetric keys and other forms of secrets used for authentication. |
| Credential | A unique identifier and authentication material. |
| Credential Store | Contains Authentication Secrets for all Subjects. |
| Identity | Information that is true about a Subject. |
| Identity Attributes | Information elements relevant to a Subject. |
| | A set of functions serving the Identity and access management needs of an enterprise. |
| Identity Provider | The IdMS system component that issues Assertions. |
| IdMS database | A database of IdMS Subjects. |
| IdMS Operations | The technical environment supporting the IdMS. |
| | The organization operating an IdP is an IdP Operator. |
| Protected Channel | A communication mechanism that provides message integrity and confidentiality protection. |
| Registration | The process of creating a record of a Subject’s Identity information. |
| Registration Authority | A trusted entity entitled to perform Registrations. |
| Relying Parties | A synonym for Service Provider. |
| Service Provider | Uses an Identity Assertion as part of managing access to its services. |
| | A person who is (or will be) registered with the IdP Operator. |
| Token | A physical device (or specialized software on a device such as a mobile phone) used in authentication. |
| User Agent | Typically a web browser, used by the Subject to authenticate to the IdP and convey the assertion to the SP. |
| Verifier | Validates the correctness of offered authentication material. |