Digital Identity


You will not find a simple, single definition on Identity or Digital Identity. Here are some that we have run across that we think are best:
  • Digital Identity is a set of attributes related to an Entity. ISO 29115
  • Digital Identity is a representation of a set of Claims made by one Party about itself or another Entity.[1]
  • Identity is how we keep track of people and things and, in turn, how they keep track of us.[2]

Digital Identity implies that Identification (i.e. that the Entity has been separated from the Anonymity Set) has been performed and the Digital Identity is NOT Anonymous.

Digital Identity exists within a provided context, usually some Data Store which might be within one of the Following:

When the Digital Identity is in a Data Store and a Credential is also maintained within the Data Store, the Data Store may be referred to as a Credential Repository

A Digital Identity has one or more Identifiers which MAY be referred to as Identity Attributes

Digital Identity Enrollment#

A Digital Identity can be created on the fly when a particular identity transaction is desired (Example: OpenID Connect), or persisted in a Data Store to provide a referenceable Digital Identity representation.

Typically when a Digital Identity is created there is a Identity Proofing process

A Digital Identity may be signed by a Digital Identity Provider (IDP) to provide a Level Of Assurance to a Relying Party

Sovereign-source Identity is a Digital Identity created and maintained by a person for their own purposes

Digital Identity, Authentication, Authorization #

Digital Identity, Authentication and Authorization are separate and distinct.

Digital Identity are the Claims (Attributes or Identifiers) for a specific entity that provide Identification

Authentication is the process of establishing a Level Of Assurance that the Identification is authentic.

Authorization is when a Trustor grants a Permission to a Digital Identity (a Trustee) to perform a privilege against a Target Resource

Digital Identity is Also Know as#

There are many terms used to represent essentially the same thing.

Please do NOT use Account. An Account is a some place where a Digital Identity puts an Asset. (Just a thing with Ldapwiki folks.)

Digital Identity, well Identity, is a Facet Of Building Trust

Digital Identity Types#

People love to make up words and phrases to express themselves.

How a Digital Identity relates to a Digital Subject#

There should be some further understandings about how a Digital Identity relates to a Digital Subject: A given Digital Identity is typically related to a given Context.

Within an Organizational Entity (i.e think of a company there may be the following Data Stores:

There is probably a Employee with a Digital Identity defined in each of these Data Stores. Each one of these Data Stores has Attribute Values or Identifiers which could be presented to a Verifier as a Claim so each of them has a seperate Digital Identity that is associated with the same Employee. The combination of these Digital Identities is the Digital Subject within the Organizational Entity. Some folks refer to this as an Identity Cube.

More Information#

There might be more information for this subject on one of the following: