!!! Overview
[{$pagename}] (as Identity) is what binds an [entity] (or a [Person]) to his or her [reputation], and [reputation] is what earns that [person] [trust] within the [community], which in turn facilitates or inhibits that individual's [actions] depending on his or her level of [trust].

The cycle of [identification] does not end. As we conduct more [actions], the volume of our [Reputation System] [data] increases and our [trust] level is continually adjusted through the judgment of the prevailing [social|Social contract], moral, and [legal] codes.

It can be argued that the role of identity has not changed since the beginning of civilization. [Humans] use [identification] to determine in which type of interactions to engage with other [people|Person]. More specifically, we use identity to facilitate the actions of those we know and [trust], and to protect us from those we do not [trust] or from those we do not know.

This same [Reputation System] is used with [IoT] devices as with other [Entities].

You will not find a simple, single definition of Identity or [{$pagename}]. Here are some that we have run across that we think are best:
* [{$pagename}] is a set of [attributes] related to an [Entity]. [ISO 29115]
* [{$pagename}] is a representation of a set of [Claims] made by one [Party|Entity] about itself or another [Entity].[1]
* Identity is how we keep track of [people|Person] and [things] and, in turn, how they keep track of us.[2]

[{$pagename}] implies that [Identification] (i.e. that the [Entity] has been separated from the [Anonymity Set]) has been performed and the [{$pagename}] is __NOT__ [Anonymous].

[{$pagename}] has one or more [Identifiers] which [MAY] be referred to as [Identity Attributes].

Interestingly, we tend to call these [devices] until a [Digital Identity] [Authenticates], and then __THAT SAME [Device]__ is considered a "Person". In reality you will never find a Person on the network, nor ever see a Person that has a [MAC Address].

!! [Context]
[{$pagename}] exists within a provided [context] which usually involves a [Relationship], which might be within one of the following:
* [Organizational Entity]
* [Government Entity]
* [Social|Social Identity Provider]

!! [{$pagename}] and [Relationships]
In a typical [Identity and Access Management] system there are additional attributes which define the [relationship] that the "[{$pagename}]" might have with various [applications]. These [relationships] are then used in the process of [authentication] and [authorization] of the [{$pagename}] when engaging with the application.

!! [{$pagename}] [Enrollment]
A [{$pagename}] can be created on the fly when a particular identity transaction is desired (Example: [OpenID Connect]), or persisted in a [Data Store|DataStore] to provide a reference for the [{$pagename}].

Typically when a [{$pagename}] is created there is an [Identity Proofing] process.

A [{$pagename}] may be signed by a Digital [Identity Provider (IDP)] to provide a [Level Of Assurance] to a [Relying Party].

!! [{$pagename}], [Authentication], [Authorization]
[{$pagename}], [Authentication] and [Authorization] are separate and distinct.

[{$pagename}] is the [Claims] ([Attributes] or [Identifiers]) for a specific [entity] that provide [Identification].

[Authentication] is the process of establishing a [Level Of Assurance] that the [Identification] is __authentic__.

[Authorization] is when a [Trustor] grants a [Permission] to a [{$pagename}] (a [Trustee]) to perform a [privilege] against a [Target Resource].

!! [{$pagename}] is Also Known as
There are many terms used to represent essentially the same thing.
* [Resource Owner] is used in [OAuth 2.0]
* [Subject] is used in [Security Assertion Markup Language] ([SAML])
* [User] is often used
* [Principal] is often used
* [Consumer of services] may be used
* [Microsoft Account]
* [End-User]

Please do NOT use [Account]. An [Account] is some place where a [Person] (or a [{$pagename}]) puts an [Asset] in the hands of a [Trustee]. (Just a thing with [{$applicationname}] folks.)

[{$pagename}], well Identity, is a Facet Of Building [Trust].

!! [{$pagename}] [Classification]
There are two broad [{$pagename}] [Classifications]:
* foundational identity - is multi-purpose, allowing access to multiple [services] or [Resources].
* functional identity - solely for a narrowly defined [service] or [Resource]. For [example], a medical insurance card is used to access health care and a voter ID card serves the purpose of conducting a vote.

People love to make up words and phrases to express themselves.

[{$pagename}]s may be [classified|Classification] by the type of [Identity Provider (IDP)]:
* [Organizational Identity]
* [Government Identity]
* [Social Identity]
* [Anonymous Identity]

[{$pagename}] might also be [classified|Classification] by the [Relationship] as:
* [Employee] ([B2E])
* [Customer] ([B2C])
* [Partners] ([B2B])
* [Contractor] ([B2B])
* [Vendor|Vender] ([B2B])
* [Citizen]

[{$pagename}] may be [classified|Classification] by the [Identity Management] [Framework] of the [{$pagename}]:
* [User-centric Identity]
** [Self-Sovereign Identity]
* [Multi-Source Identity]

[{$pagename}]s may be [Classified|Classification] as one of the following:
* [Privileged Identity] which may be further [Classified|Classification]
* [NORMAL_ACCOUNT]

!! [{$pagename}] and [Context]
A given [{$pagename}] is typically related to a given [Context].

! How a [{$pagename}] relates to a [Digital Subject]
There should be some further understandings about how a [{$pagename}] relates to a [Digital Subject]:
* A [{$pagename}] is a set of [Attributes] about a [Digital Subject] for a specific [Context]
* For any given [Digital Subject] there will typically exist multiple Digital Identities. For [Example]:
** [Yahoo]
** [Google]
** [Microsoft]
** their [bank]
** their [Employee] [{$pagename}] from the company where they work.

! [{$pagename}] [Data Stores]
Within an [Organizational Entity] (i.e. think of a [company]) there may be the following [Data Stores]:
* [Human Resources]
* [LDAP]
* [Microsoft Active Directory]
* [Databases]

There is probably an [Employee] with a [Digital Identity] defined in each of these [Data Stores]. Each one of these [Data Stores] has [Attribute Values] or [Identifiers] which could be presented to a [Verifier] as a [Claim], so each of them holds a separate [Digital Identity] that is associated with the same [Employee]. The combination of these [Digital Identities|Digital Identity] is the [Digital Subject] within the [Organizational Entity]. Some folks refer to this as an [Identity Cube].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [The Seven Laws Of Identity/TheLawsOfIdentity.pdf]
* [#2] - [A Primer on Functional Identity|https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/functional-identity-primer.md|target='_blank'] - based on information obtained 2017-08-14
* [#3] - [Identity and Trust|https://openknowledge.worldbank.org/bitstream/handle/10986/20752/912490WP0Digit00Box385330B00PUBLIC0.pdf|target='_blank'] - based on information obtained 2019-08-08
* [#4] - [If you turn to page 524|https://twitter.com/NishantK/status/1172525318097330176?s=20|target='_blank'] - based on information obtained 2019-09-14
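As an added illustration (not part of the original page) of two points above, that [{$pagename}], [Authentication] and [Authorization] are separate steps, and that the [Digital Identities|Digital Identity] held in several [Data Stores] combine into one [Digital Subject], the following Python sketch uses constructed data stores, a constructed HMAC key standing in for an [Identity Provider (IDP)] signature, and constructed grants; every name and value in it is an assumption.

```python
import hashlib
import hmac
import json

# Constructed shared secret between the Identity Provider (IDP) and the
# Relying Party; a production IDP would use an asymmetric signature instead.
IDP_KEY = b"constructed-idp-key-not-for-production"

# Constructed Data Stores: each holds a separate Digital Identity (a set of
# attributes / identifiers) for the same Employee. Their combination is the
# Digital Subject, what the page calls an Identity Cube.
DATA_STORES = {
    "Human Resources": {"employeeNumber": "E1001", "department": "Finance"},
    "LDAP": {"uid": "jdoe", "employeeNumber": "E1001"},
    "Active Directory": {"sAMAccountName": "jdoe", "mail": "jdoe@example.test"},
}

def digital_subject(stores):
    """Merge the per-store Digital Identities into one Digital Subject."""
    subject = {}
    for identity in stores.values():
        subject.update(identity)
    return subject

def idp_sign(identity, level_of_assurance):
    """Identity: the IDP asserts a set of claims plus its Level Of Assurance."""
    payload = json.dumps({"claims": identity, "loa": level_of_assurance},
                         sort_keys=True).encode()
    return {"payload": payload,
            "sig": hmac.new(IDP_KEY, payload, hashlib.sha256).hexdigest()}

def authenticate(assertion, required_loa):
    """Authentication: the Relying Party checks the claims are authentic."""
    expected = hmac.new(IDP_KEY, assertion["payload"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["sig"]):
        return None                      # tampered or forged assertion
    body = json.loads(assertion["payload"])
    if body["loa"] < required_loa:
        return None                      # authentic, but not assured enough
    return body["claims"]

# Authorization data: a Trustor's grants of a privilege on a Target Resource
# to a Trustee, keyed by one of the Trustee's claims. Constructed sample.
GRANTS = {("employeeNumber", "E1001", "read", "payroll-report")}

def authorize(claims, privilege, target_resource):
    """Authorization: a separate decision that only consults the grants."""
    return any((attr, val, privilege, target_resource) in GRANTS
               for attr, val in claims.items())
```

Authentication succeeds only when the signature verifies and the assertion's Level Of Assurance meets what the Relying Party requires; authorization is then a distinct lookup against the Trustor's grants.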