Identity in Ten Hundred Words

From IIW

Identity in Ten Hundred Words

Thursday 2C

Convener: Sarah Squire

Notes-taker(s): Sarah Squire

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

We tried to explain identity concepts using only the thousand most common words. Here are some of the definitions we came up with:

Identity - A set of facts about a thing that make it what it is

Trust - A reason to think that a person or a computer will keep promises and tell the truth

Authorization - allowing a person or a thing to do something

Identity proofing - Making sure that a person’s on-line facts match their real-life facts

Authentication - Making sure that a person is the same person you saw last time (which is different from them being who they say they are!)

Password - Something known only by the the person who is supposed to know it that can be used to show that they are who they say they are.

Attributes - facts about a thing or a person

Assertion - a fact that is said by a thing you trust

Single Sign-On - sign into one place and get into other places I’m allowed to go to

Roles - names for things that a person does

Credentialing - giving people a name and a key for a situation

System of record - if two facts don’t agree, this computer is right

Assurance - how much I believe something that was said to be a fact

Privacy - being able to say who can know what about me

Standard - an agreed-upon way of doing something

Reputation - what other people are saying about me

Things we want to define in the future:

  • security
  • security theater
  • federation
  • breach
  • identity theft
  • risk