Overview#

Digital Subject is the Identity Correlation of one or more Digital Identities into one entity

There are always a lot of discussions on Digital Subject or Principal or Digital Identity and a lot of confusion.

We will use the term Digital Subject which we feel is interchangeable with the following:

when used within the Digital Realm or namespace.

Some comments about Digital Subject may help with the concepts:

Although any given Digital Subject is relevant to, and exists within a given Digital Context, a single Entity may be represented as one (or more) Digital Identity(s) in one Digital Context and yet another Digital Identity in another Digital Context.

By linking or "federating" these disparate Digital Subjects one can gain a more Federated Identity view of a given Entity.

Contexts represent different systems, organizations and entire enterprises with widely varying storage and trust models are handled using the Digital Subject linking approach.

The information contained in a Digital Subject is not necessarily a pure subset of the union of all of the information contained in all of the Digital Subjects of an Entity taken together. There is no consistency constraint imposed between the Digital Subjects of an Entity. For example, a person could claim that their name was Jim in one Digital Subject and Jeemster in another.[1]

A Principal in the context of a security Domain. SAML Assertions make declarations about Digital Subjects.[2]

Java Authentication and Authorization Service (JAAS) refers to this as simply Subject or Principal.[3]

An Entity represented or existing in the digital realm which is being described or dealt with.[4]

Examples of Many Digital Subjects#

Just as you have in your wallet:

Then you decide which of these cards you present is based on where (which Context), in the physical world, you are presenting the cards to which maybe:

  • Your Bank
  • Your employer
  • Grocery Store
The who or where is the context or Realm.

For example the Entity "Bob Smith" could be represented as two Digital Identitys;

  • the first having "bsmith" as an identifier
  • the second having "bob" as an identifier.
These two Digital Subjects may be in the same or in different Contexts.[1]

Through Identity Correlation the two Digital Subjects could be placed within on Digital Subject

Realm or Digital Context#

Similar to what in the physical world is "The who or where is the context or realm", in the digital world we also have a Realm or Digital Context.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-26) was last changed on 23-Sep-2016 13:51 by jim