Digital Identity

Overview#

You will not find a simple, single definition of Identity or Digital Identity. Here are some that we have run across that we think are best:

Digital Identity implies that Identification (i.e. that the Entity has been separated from the Anonymity Set) has been performed and the Digital Identity is NOT Anonymous.

A Digital Identity has one or more Identifiers, which MAY be referred to as Identity Attributes.

Context#

A Digital Identity exists within a provided context, which usually involves a Relationship that might be within one of the following:

Digital Identity Enrollment#

A Digital Identity can be created on the fly when a particular identity transaction is desired (Example: OpenID Connect), or persisted in a Data Store to provide a referenceable Digital Identity representation.

Typically, when a Digital Identity is created there is an Identity Proofing process.

A Digital Identity may be signed by a Digital Identity Provider (IDP) to provide a Level Of Assurance to a Relying Party.

Digital Identity, Authentication, Authorization#

Digital Identity, Authentication and Authorization are separate and distinct.

A Digital Identity is the set of Claims (Attributes or Identifiers) for a specific entity that provide Identification.

Authentication is the process of establishing a Level Of Assurance that the Identification is authentic.

Authorization is when a Trustor grants a Permission to a Digital Identity (a Trustee) to perform a privilege against a Target Resource.

Digital Identity is Also Known As#

There are many terms used to represent essentially the same thing.

Please do NOT use Account. An Account is a place where a Digital Identity puts an Asset. (Just a thing with Ldapwiki folks.)

Digital Identity, well Identity, is a Facet Of Building Trust.

Digital Identity Classification#

There are two broad Digital Identity Classifications:
  • foundational identity - is multi-purpose, allowing access to multiple services or Resources.
  • functional identity - solely for a narrowly defined service or Resource. For example, a medical insurance card is used to access health care and a voter ID card serves the purpose of conducting a vote.

People love to make up words and phrases to express themselves.

Digital Identities may be classified by the type of Identity Provider (IDP):

Digital Identity might also be classified by the Relationship as:

Classified by the Identity Management Framework of the Digital Identity:

Digital Identities may be classified as one of the following:

Digital Identity and Context#

A given Digital Identity is typically related to a given Context.

How a Digital Identity relates to a Digital Subject#

There should be some further understandings about how a Digital Identity relates to a Digital Subject:

Digital Identity Data Stores#

Within an Organizational Entity (i.e., think of a company) there may be the following Data Stores:

There is probably an Employee with a Digital Identity defined in each of these Data Stores. Each one of these Data Stores has Attribute Values or Identifiers which could be presented to a Verifier as a Claim, so each of them has a separate Digital Identity that is associated with the same Employee. The combination of these Digital Identities is the Digital Subject within the Organizational Entity. Some folks refer to this as an Identity Cube.
