Digital Identity


Digital Identity (as Identity) is what binds an entity (or a Person) to his or her reputation, and reputation is what earns that person trust within the community, which in turn facilitates or inhibits that individual’s actions depending on his or her level of trust.

The cycle of identification does not end. As we conduct more actions, the volume of our Reputation System data increases and our trust level is continually adjusted through the judgment of the prevailing social, moral, and legal codes.

It can be argued that the role of identity has not changed since the beginning of civilization. Humans use identification to determine in which type of interactions to engage with other people. More specifically, we use identity to facilitate the actions of those we know and trust, and to protect us from those we do not trust or from those we do not know.

This same Reputation System is used with IoT devices as with other Entities.

You will not find a simple, single definition of Identity or Digital Identity. Here are some that we have run across that we think are best:

Digital Identity implies that Identification (i.e. that the Entity has been separated from the Anonymity Set) has been performed and the Digital Identity is NOT Anonymous.

Digital Identity has one or more Identifiers which MAY be referred to as Identity Attributes.

Interestingly, we tend to call these devices until a Digital Identity Authenticates, and then THAT SAME Device is now considered a "Person". The reality is that you will never find a Person on the network, and you have never seen a Person that has a MAC Address.


Digital Identity exists within a provided context which usually involves a Relationship which might be within one of the Following:

Digital Identity and Relationships#

A typical Identity and Access Management system holds additional attributes which define the relationship that a "Digital Identity" might have with various applications. These relationships are then used in the process of authentication and authorization of the Digital Identity when engaging with the application.

Digital Identity Enrollment#

A Digital Identity can be created on the fly when a particular identity transaction is desired (Example: OpenID Connect), or persisted in a Data Store to provide a reference for the Digital Identity.

Typically, when a Digital Identity is created there is an Identity Proofing process.

A Digital Identity may be signed by a Digital Identity Provider (IDP) to provide a Level Of Assurance to a Relying Party.

Digital Identity, Authentication, Authorization#

Digital Identity, Authentication and Authorization are separate and distinct.

Digital Identity is the Claims (Attributes or Identifiers) for a specific entity that provide Identification.

Authentication is the process of establishing a Level Of Assurance that the Identification is authentic.

Authorization is when a Trustor grants a Permission to a Digital Identity (a Trustee) to perform a privilege against a Target Resource.
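The separation described above, as an added example (not Ldapwiki's own code): a hypothetical IdP signs Claims together with a Level Of Assurance, a Relying Party authenticates that assertion, and authorization is a separate lookup of what a Trustor has granted. The shared key, the numeric assurance levels, the identifiers and the grant table are constructed assumptions, and an HMAC stands in for the IdP's signature.

```python
import hashlib
import hmac
import json

# Constructed demo key shared by the hypothetical IdP and Relying Party.
IDP_KEY = b"constructed-demo-key"

def idp_sign(claims, loa):
    """IdP side: bind the Claims to a Level Of Assurance and sign both."""
    body = json.dumps({"claims": claims, "loa": loa}, sort_keys=True)
    sig = hmac.new(IDP_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}

def authenticate(assertion):
    """Relying Party side: return (claims, loa) only if the signature verifies."""
    expected = hmac.new(IDP_KEY, assertion["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["sig"]):
        return None  # Identification was presented, but it is not authentic
    data = json.loads(assertion["body"])
    return data["claims"], data["loa"]

# Permissions granted by a Trustor (constructed data):
# (Trustee identifier, privilege, Target Resource) -> minimum assurance required.
GRANTS = {
    ("alice@example.com", "read", "payroll-report"): 1,
    ("alice@example.com", "approve", "payroll-run"): 3,
}

def authorize(assertion, privilege, resource):
    """Authorization needs an authentic identity AND an explicit grant."""
    result = authenticate(assertion)
    if result is None:
        return "deny: not authenticated"
    claims, loa = result
    required = GRANTS.get((claims["mail"], privilege, resource))
    if required is None:
        return "deny: no permission granted"
    if loa < required:
        return "deny: level of assurance too low"
    return "permit"

if __name__ == "__main__":
    token = idp_sign({"mail": "alice@example.com"}, loa=2)
    for priv, res in [("read", "payroll-report"), ("approve", "payroll-run")]:
        print(priv, res, "->", authorize(token, priv, res))
```

The same authenticated identity is permitted one action and denied another, which is the point of keeping the three concepts apart.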

Digital Identity is Also Known as#

There are many terms used to represent essentially the same thing.

Please do NOT use Account. An Account is some place where a Person (or a Digital Identity) puts an Asset in the hands of a Trustee. (Just a thing with Ldapwiki folks.)

Digital Identity, well Identity, is a Facet Of Building Trust.

Digital Identity Classification#

There are two broad Digital Identity Classifications:
  • foundational identity - is multi-purpose, allowing access to multiple services or Resources.
  • functional identity - solely for a narrowly defined service or Resource. For example, a medical insurance card is used to access health care and a voter ID card serves the purpose of conducting a vote.

People love to make up words and phrases to express themselves.

Digital Identities may be classified by the type of Identity Provider (IDP):

Digital Identity might also be classified by the Relationship as:

Classified by the Identity Management Framework of the Digital Identity:

Digital Identities may be classified as one of the following:

Digital Identity and Context#

A given Digital Identity is typically related to a given Context.

How a Digital Identity relates to a Digital Subject#

There should be some further understandings about how a Digital Identity relates to a Digital Subject:

Digital Identity Data Stores#

Within an Organizational Entity (i.e., think of a company) there may be the following Data Stores: There is probably an Employee with a Digital Identity defined in each of these Data Stores. Each one of these Data Stores has Attribute Values or Identifiers which could be presented to a Verifier as a Claim, so each of them has a separate Digital Identity that is associated with the same Employee. The combination of these Digital Identities is the Digital Subject within the Organizational Entity. Some folks refer to this as an Identity Cube.
