Overview#

Entity is a thing with distinct and independent existence such as a Natural Person, Organization, concept, or device.

You will undoubtedly find many definitions for Entity. Ldapwiki has tried to put some we have discovered and are appropriate for our context

Entity may also have a Digital Identity, Application, data, etc.

Entity is a resource of any kind that can be uniquely and independently identified.

Entity is something that exists as itself, as a subject or as an object, actually or potentially, concretely or abstractly, physically or not. An Entity need not be of material existence. In particular, abstractions and Legal Fictions are usually regarded as entities. In general, there is also no presumption that an Entity is animate, or present.[1]

Entity will have some type of Identifier

The National Strategy for Trusted Identities in Cyberspace (NSTIC) defines some terms similar to those defined here:

• "An individual is a person engaged in an online transaction. Individuals are the first priority of the Strategy."
• "A non-person entity (NPE) may also require authentication in the Identity Ecosystem. NPEs can be organizations, hardware, networks, software, or services and are treated much like individuals within the Identity Ecosystem. NPEs may engage in or support a transaction."
• "The subject of a transaction may be an individual or an NPE."

Some examples:

• People
• Services
• non-person entity
• Organizational Entity
  • Government Entity
  • Business Entity
  • Non-Governmental Entities (NGO)

Entity is defined in ISO 29115 as "Something that has separate and distinct existence and that can be identified in a Context"

Domain-Driven Design#

Entity is an object that is not defined by its attributes, but rather by a thread of continuity and its identity.

Domain-Driven Design Entity Example:

• Most airlines distinguish each seat uniquely on every flight. Each seat is an Entity in this Context.
• However, Southwest Airlines, EasyJet and Ryanair do not distinguish between every seat; all seats are the same. In this Context, a seat is actually a Value Object.

More Information#

There might be more information for this subject on one of the following:

• AS Exchange
• Access Control Engine
• Access Control List
• Access Control Service
• Access Token Validation
• Account
• Accountability
• Action
• Actor
• Address
• Advanced Persistent Threat
• Aggregate
• Anonymous
• Anonymous Credential
• Anonymous Identity
• Attack
• Attacker
• Attribute
• Attribution
• Authentication
• Authentication cookie
• Authorization
• Authorization API
• Authorization API Token
• Authorized
• Best Practices For Unique Identifiers
• Big-Endian
• Blockchain
• Bounded Context
• Business Entity
• CREATE_ACCOUNT
• Card Processor
• Cardholder Name
• Casual Name
• Certificate Authority
• Certificate Request Process
• Certificate Subject
• Challenge-Handshake Authentication Protocol
• Claim
• Claimant
• Classification
• Cloud Service Provider
• Cloud Service User
• Communication
• Compromised Certificate
• Compromised Credential
• Connection Table
• Consensus
• Consumer of services
• Context
• Control
• CountryOfResidence
• Create
• CreateTimestamp
• Credential
• Credential Enrollment
• Credential Holder
• Credential Issuance
• Credential Reuse
• Credential Service Provider
• Creditor
• Customer
• DELETE_ACCOUNT
• DID Authentication
• DID Document
• DID Service Endpoint
• DSE_CREATE_ENTRY
• DSE_DELETE_ENTRY
• Data Classification
• Data Controller
• Data Origin
• Data Ownership
• Data Pedigree
• Data Privacy
• Data Processor
• Data Provenance
• Data aggregator
• Data curation
• Datagram
• Debtor
• Decentralized Identifier
• Delegation
• Delegation vs Impersonation
• Delete
• Deleted object
• Design
• Device
• Digital Identity
• Digital Key
• Digital Signature Algorithm
• Digital Subject
• Directory User Agent
• Distributed Web
• Domain of OneS Own
• EDIPartyName
• Employee data
• Enabler
• Entities
• Entitlement
• Entity Authentication
• Ephemeral
• Epoch
• Etag
• Event 4625
• Extended Validation Certificate
• FHIR Resource
• Federated Authorization for UMA 2.0
• Federated Identity
• Financial Data
• Fingerprint
• Fingerprinting
• First Name
• Friction
• GCP Organizational Admin
• Gender
• General Data Protection Regulation
• Global Trade Item Number
• Government Entity
• HTTP Body
• Holder
• Hyperledger Indy
• IDN homograph attack
• ISO 29115
• Identifiability
• Identifiable
• Identified
• Identifier
• Identity Assurance
• Identity Attributes
• Identity Certificate
• Identity Document
• Identity Ecosystem
• Identity Lifecycle Management
• Identity Proofing
• Identity Sovereignty
• Image
• Impersonation
• Incremental authorization
• Individual
• Initiator
• Inspector-verifier
• Intermediary
• Intermediate Certificate
• Issuer
• JSON-LD Examples
• Juridical Person
• Kerberos
• Kerberos Service Account
• Key
• Key Verification
• Last Name
• Law of Consistent Experience Across Contexts
• Law of Directed Identity
• Law of agency
• Legal Entity Identifier
• Legal Person
• Level Of Assurance
• Life cycle
• Lifetime
• Little-Endian
• Logged out
• MSFT Access Token
• Management Information Base
• Meaningless But Unique Number
• Medium of exchange
• Merchant
• Microsoft Active Directory Anomalies
• Mobile subscriber
• ModifiersName
• Money
• Monopoly
• NAME
• Name
• Namespace
• National Strategy for Trusted Identities in Cyberspace
• NewCredentials
• NickName
• Nickname
• Non-Governmental Entity
• Non-interactive
• Non-person entity
• Not After
• Not Before
• Not-for-profit Entity
• OAuth 2.0 Actors
• OAuth 2.0 Incremental Authorization
• OAuth 2.0 Token Exchange
• OAuth 2.0 Token Exchange Request
• OAuth Scope Example
• Object
• Observer
• Official Name
• On-premise
• Online activity
• Open Access
• OpenID Connect Federation
• OpenID Connect Scopes
• Organizational Entity
• Password History
• Password Quality
• Payment
• Payment Card Verification
• Payroll Tax
• Peer
• Perfect Security
• Persistent Compute Objects
• Person
• Personal Entity
• Personal Name
• Personal data
• Phishing
• Policy Based Management System
• Policy Decision Point
• PreferredName
• Privacy Considerations
• Private data
• Privilege
• Privilege Management
• Privilege Management Infrastructure
• Protection API
• Provenance
• Prover
• Provider of services
• Provisioning
• Proxy
• Pseudonym
• Public Key Credential
• Public Key Infrastructure Weaknesses
• Publisher
• RBAC vs ABAC
• Read
• Recipient
• Registration
• Registration Authority
• Regulatory Agencies
• Releasability
• Relying Party
• Remote Authentication Dial-In User Service
• Repudiation
• Reputation System
• Resource Inventory Service
• Responsible
• Revocation model
• Rights
• Ring Signature
• Risk
• Risk Management
• SAML
• SIM Swap
• SOC 2
• SP
• Security Principal Objects
• Self-Service
• Self-Sovereign Identity
• Self-provisioning
• Sender Constrained Token
• Service Provider
• Session ID
• Shorthand Name
• Signature Verification
• Simple Authentication
• Single Responsibility Principle
• Single Sign-On
• Sovrin
• State
• Store
• StreetAddress
• Sub
• Subject
• Subject Attributes
• Subscriber
• Telecommunications
• Telephone Consumer Protection Act
• Thing
• Threat
• Token Consumer
• Token Provider
• Townships
• Transaction
• Treatment, Payment and Health care Operations
• Trust
• Trust Anchor
• Trust Model
• Trust Tier
• Trusted Certificate
• Trusted network
• Trustee
• Trustor
• Two-party consent
• Uid
• Uma_protection
• Unauthorized
• Unfortunate event
• Unique Identifier
• Untrusted network
• Update
• Updated_at
• User and Entity Behavior Analytics
• User-Managed Access
• Value Object
• Vendor Relationship Management
• Verifiable Claims
• Verifier
• Version
• Web Blog_blogentry_031017_1
• Web Blog_blogentry_230815_1
• Web Blog_blogentry_260715_1
• Web Blog_blogentry_281018_1
• WebFinger
• WebID
• Which Jane Doe
• Windows Logon
• XACML
• XDAS Initiator
• Zero Trust

---

• [#1] - Entity - based on 2013-04-10