Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2025
Infrastructure
& Privacy
Matilda
Roger Clarke's Web-Site© Xamax Consultancy Pty Ltd, 1995-2025 |
|
|||||
| HOME | eBusiness |
Information Infrastructure |
Dataveillance & Privacy |
Identity Matters | Other Topics | |
| What's New |
Waltzing Matilda | Advanced Site-Search | ||||
Version of 23 June 2023
Revised version, to support a set of articles on IdEM
© Xamax Consultancy Pty Ltd, 2004-23
Available under an AEShareNet 
licence or a Creative
Commons 
licence.
This document is at http://rogerclarke.com/ID/IDM-G.html
This document supersedes the version of 18 June 2022
[ Some degree of change-tracking is achieved by using
strikethrough on prior versions. ]
[ The current version will need some revisions once a careful review has been undertaken of recent versions of the set of papers that the Glossary supports. ]
Abstract-World: Paired with the Real-World in the
notion of dualism, this refers to internal 'mind-stuff' (the spiritual and
intellectual plane). Extended for instrumentalist purposes, it includes the
postulation of Entities intended to correspond to Real-World Things, Attributes
of Entities to represent the Properties of Things, and Transactions to
represent Events
Abstract World means a space in which humans create
elements, which may be intended to, or may be assumed to, represent aspects of
the Real World, in which case the representation may be more or less reliable
Access control is the process whereby (a) means are
provided to enable an authorized subject to exercise their permissions, and (b)
unauthorised subjects are precluded from doing so
Access Control means a process whereby an authenticated
(Id)Entity is provided with a Session during which its Permissions are
enabled
Access Control means the process within the
Registration Phase of (Id)Entity Management which utilises previously recorded
Permissions to establish a Session that enables an authorized user to exercise
the appropriate Permissions
Account means the data-holdings or profile associated with a Subject or (Id)Entity-Instance for which an Authorization process has created a Permission
Active Imposed Digital Persona: An Imposed Digital Persona that enables the person controlling it to influence the actions of the (Id)Entity associated with it
Active Projected Digital Persona: A Projected Digital Persona that is capable of taking actions as an agent for the individual
Anonym means an Identifier that cannot be associated with any particular Entity, whether from the Data itself, or by combining it with other Data
Anonymity means that characteristic of an Identity, whereby it cannot be associated with any particular Entity, whether from the Data itself, or by combining it with other Data
Assertion means an expression of knowledge about one of more elements of the pragmatic metatheoretic model
Attribute means a characteristic of an element at the Conceptual Model level, in particular of an Entity, Identity or a Transaction
Authentication means a process that
establishes an appropriate degree of confidence in the reliability of an
assertion
Authentication means a process within the
Operational Phase of (Id)Entity Management, which utilises the recorded Means
of Authentication to establish a degree of confidence in the reliability of
Assertions
Authenticator means an item of Evidence
Authority means an Entity that is recognised as providing assurance regarding the reliability of an Authenticator
Authorization is the process whereby a decision is
made to declare that a subject has permission to perform an action on an
object
Authorization means a process within the Registration Phase
of (Id)Entity Management, in which decision criteria are applied in order to
determine what Permissions are to be made available to an (Id)Entity
Authorization means a process within the Registration
Phase of (Id)Entity Management, whereby an Authorization Authority decides
whether or not to declare that a Subject has a Permission in relation to an IS
Resource [ INSERT or Real-World Thing or Event ]
Authorization Authority means an Entity with legal or practical power (de juré or de facto) to determine whether a particular Subject has a particular Permission in relation to a particular IS Resource [ INSERT or Real-World Thing or Event ]
Avatar means a visual representation or embodiment of a Digital Persona, static or moving, which represents, or substitutes for, the (or an) underlying (Id)Entity
Candidate-Identifier means any combination of Data-Items in a Record that is considered capable of achieving reliable matches against the relevant Data-Items in another Record
Codified Knowledge means Data that is expressed and recorded in a more or less formal language
Conceptual Model means a representation of a system at more abstract level than a Data Model, reflecting the modeller's perception of Phenomena, by postulating Entities and Entity-Instances and presentations of Entities called Identities (to represent Things), and Transactions (to represent Events), with Relationships of various kinds among them, each of which may have Attributes (to represent Properties)
Confirmatory Information means evidence that reinforces a tentative judgement or opinion
Content is a collective word for Data, in particular for that Data which is included within a particular instance of a Storage-Medium
Context means the prevailing circumstances, or (in decision theory) a collection of settings of environmental variables
Credential means an Authenticator that carries the imprimatur of some form of Authority
Data means any symbol, sign or measure quantity, sign,
character or symbol, or collection of them, that is in a form accessible to
a person and/or an artefact
Database means a collection of Files or Data-Sets
Data-Format is a technical specification for the recording of Data on a Storage-Medium
Data-Item means a storage-location in which a discrete Data-Item-Value can be represented
Data-Item-Value means the Content of a particular Data-Item
within a particular Recorddata-storage-location. It may Empirical Data
or Synthetic Data
Data Model means a representation of a system at a less abstract level than a Conceptual Model, which has as its focus Data that represents the Conceptual Model's abstract notions
Data-Set means a collection of Records. Also File
Decision means a commitment to a course of action
Digital Persona: A model of the public personality
of an (Id)Entity, based on Data and maintained by Transactions, and intended
for use as a proxy for the (Id)Entity
Digital Persona means, conceptually, a model of an
individual's public personality based on Data and maintained by Transactions,
and intended for use as a proxy for the individual; and, operationally, a
Record that is sufficiently rich to provide the record-holder with an adequate
image of the represented Entity or Identity
Domain means the set of valid Data-Item-Values that can appear in a particular Data-Item
Empirical Data means DataContent that is
intendedpurports to represent a Property of a Real-World Phenomenon
End User means a User that is provided Permissions for application purposes
Enrolment means a process within the Registration Phase of (Id)Entity Management, in which Data is recorded to facilitate the conducts of the Operational Phase in an effective and efficient manner
Entification means the process whereby Data is associated with a particular Entity. This is achieved by acquiring or postulating an Entifier for the Entity
Entifier: Any one or more Data-Items held in a
Record whose Data-Item-Value(s), alone or in combination, are sufficient to
distinguish any particular Entity-Instance from all other Entity-Instances of
the same Entity
Entifier means a set of Data-items that are together
sufficient to distinguish a particular Entity-Instance from others in the same
category.
Entity: An element of a Conceptual Model that
corresponds with a Real-World Thing
Entity means an element at the Conceptual-Model level
that represents a Real-World Physical Thing
Entity Assertion is a claim that a particular Physical Thing is appropriately associated with one or more Entity-Records, by means of one or more Entifiers
Entity-Attribute is an element of a Conceptual Model that represents a Real-World Property of a Thing
Entity-Instance means a particularspecific instance of
an Entity
Event means a Real-World occurrence that gives rise to changes in the Properties of Things
Evidence means Data that assists in determining a level of confidence in the reliability of an Assertion
Evidence of Entity (EoE) means one or more Authenticators used in relation to Entity Assertions
Evidence of Identity (EoI) means an Authenticator
used in relation to Identity Assertions. See also Proof of Identity
(PoI)
Evidence of Identity (EoI) means one
or more Authenticators used in relation to Identity Assertions. The term Proof
of Identity (PoI) is deprecated
File means a collection of Records. Also Data-Set
General-Purpose Identifier means an Identifier that was designed for, or has come to be used for, any and all purposes (cf. Identity Silo and Multi-Purpose Identifier)
Identification means the process whereby Data is associated with a particular Identity. This is achieved by acquiring or postulating an Identifier for the Identity
Identifier: Any one or more Data-Items held in a
Record whose Data-Item-Value(s), alone or in combination, are sufficient to
distinguish any particular Identity-Instance from all other Identity-Instances
of the same Identity
Identifier means a set of Data-items that are together
sufficient to distinguish a particular Identity is an element at the
Conceptual-Model level that represents a Real-World Virtual Thing. See also
Nym, Anonym and Pseudonym.
Identity means an element at the Conceptual-Model level that
corresponds with a Real-World Virtual Thing that is of virtual rather than
physical form, e.g. arising from an Entity's performance in a particular
Role
Identity Assertion means a claim that a particular Virtual Thing is appropriately associated with one or more Identity-Records, by means of one or more Identifiers
Identity-Attribute: An element of a Conceptual Model that represents a Real-World Property of a Thing
Identity-Instance means a particularspecific instance
of an Identity
Identity Management (IdM) means the architectures, infrastructure and processes conventionally used to support the Authentication of Identity Assertions. For a replacement notion that overcomes IdM's deficiencies, see (Id)Entity Management (IdEM)
Identity Silo means an Identity, and its associated Identifier(s), that are used for a restricted purpose (cf. Multi-Purpose Identifier and General-Purpose Identifier)
(Id)Entification Process means a process within either the Registration or Operational process of (Id)Entity Management, in which one or more Assertions are made that relate to (Id)Entity. This necessarily involves the provision, acquisition or postulation of either an Identifier (for Identification) or an Entifier (for Entification). It may also enable association with Data stored about that (Id)Entifier
(Id)Entifier means a set of Data-Items that are together sufficient to distinguish a particular (Id)Entity-Instance in the Abstract World
(Id)Entity encompasses both Entity and Identity, and means an element of the Abstract World that represents a Real-World Physical Thing (in the case of an Entity) or Virtual Thing (in the case of an Identity)
(Id)Entity-Instance means a particular instance of an (Id)Entity
(Id)Entity Management (IdEM) means the architecture, infrastructure and processes whereby access to IS Resources is enabled for appropriate Users, and otherwise denied. It is a replacement for conventional Identity Management, designed to overcome IdM's inherent weaknesses
Imposed Digital Persona means a Digital Persona controlled by someone other than the individual it is associated with
Information: Data that has value because of its
context
Information means Data that makes a difference, or Data
that has value, or Data that has Relevance in a particular Context
Information System (IS) means a set of interacting elements that performs one or more functions involving the handling of Data and Information, including data creation, editing, processing and storage; and information selection, filtering, aggregration, presentation and use
Information Technology (IT) means artefacts designed for the purpose of supporting IS
IS discipline comprises researchers concerned with systematic data creation and information production, communication and use, and their management, impacts and implications
IS profession comprises practitioners concerned with systematic data creation and information production, communication and use, and their management, impacts and implications
IS Resource (or IS Object) means an Abstract-World Data or Process, that is capable of being acted upon
Knowledge means:
Login means a process whereby an an Entity communicates a request to exercise Permissions granted to a particular Subject, which triggers an Authentication process, and, if successful, an Access Control process
Metadata means Data that describes an Attribute of some
other Data-related construct
Model means an Abstract-World representation of a Real-World System
Multi-Purpose Identifier means an Identifier that was designed for, or has come to be used for, multiple purposes (cf. Identity Silo and General-Purpose Identifier)
Nym is a generic term encompassing both Anonym and Pseudonym
Nymity is a generic term encompassing both Anonymity and Pseudonymity
Operational Phase means the main phase of (Id)Entity Management, comprising (Id)Entification, Authentication and Access Control processes
Permission means an entitlement, or legal or practical (de juré or de facto) authority, to be provided with the capability to perform a specified act in relation to a specified IS Resource [ INSERT or Real-World Thing or Event ]
Persistent Nym is a Nym that is used for an extended period of time
Personal-Data-De-Identification is a process that purports to prevent Data from being reliably associated with the relevant human (Id)Entity (if any)
Personal-Data-Re-Identification is a process that, despite the prior application of a Personal-Data-De-Identification process, purports to reliably associate Data with the relevant human (Id)Entity
Personal-Data-Falsification is a process whereby Personal Data is changed in such a manner that is rendered valueless for any purpose relating to the administration of relationships between organisations and particular individuals. It converts Empirical Data, that reflects an Attribute of A Real-World human (Id)Entity, into Synthetic Data that represents a plausible Phenomenon, but not a real one
Personal-Data-Item is a Data-Item that purports to be associated with a human (Id)Entity
Personal-Data-Item-Value is a Data-Item-Value that purports to represent some Attribute of a human (Id)Entity
Phenomenon is a collective term for Real-World Physical and Virtual Things, Events and Properties
Physical Thing means a static Real-World Phenomenon with corporeal form. See also Thing and Virtual Thing
Pre-Authentication means a process within the Registration Phase of (Id)Entity Management, in which Evidence is evaluated, and possibly additional Evidence acquired and evaluated, in order to establish a degree of confidence in the reliability of Assertions
Projected Digital Persona means a Digital Persona under the control of the individual
Proof of Identity (PoI) is a deprecated term for an Authenticator used in relation to Identity Assertions. See instead Evidence of Identity (EoI)
Property: A feature or characteristic of a
Real-World Thing or Event
Property means an aspect, feature or characteristic of
a Phenomenon
Property Assertion means a claim that a particular Thing has a particular Property, based on one or more particular Data-Item-Values in one or more particular (Id)Entity Records.
Pseudonym means an Identifier that may be able to be associated with a particular Entity, but only if legal, organisational and technical constraints are overcome
Pseudonymity means that characteristic of an Identity whereby it may be able to be associated with a particular Entity, but only if legal, organisational and technical constraints are overcome
Real-World: Paired with the Abstract-World in the
notion of dualism, this refers to material realities, that is to say Phenomena,
comprising Things, Events and Properties
Real World means a space in which Phenomena called
Things are postulated to exist and Events are postulated to occur. See also
Abstract-World
Real-World Data: See Empirical Data
Record: A set of Data-Items each of which relates
to the same, single (Id)Entity-Instance
Record means a collection of Data-Items that refers to
a single Real-World Thing or Event
Record-Key means any one or more Data-Items held in a Record whose value(s), alone or in combination, are sufficient to distinguish that Record from other Records. See also Entifier and Identifier
Refutative Information means evidence that contradicts a tentative judgement or opinion
Registration Phase means the preliminary phase of (Id)Entity Management, comprising (Id)Entification, Pre-Authentication, Authorization and Enrolment processes
Relationship means a linkage between two elements within the Conceptual Model level
Relationship-Attribute means an Atttribute of a Relationship
Relevance, in relation to particular Data, means the capacity of that Data to affect a particular Context
Relying Party means an Entity that relies on Evidence that is purported to support an Assertion
Role: A pattern of behaviour adopted by an
Entity
Role means a coherent pattern of behaviour performed in
a particular context
Session means a period of time during which an authenticated (Id)Entity is able to utilise its Permissions to gain access to IS Resources
Storage-Medium means a Real-World Object whose purpose is to store Data
Subject means any Physical Thing or Virtual Thing [ INSERT or Real-World Thing or Event ] capable of action on an IS Resource [ INSERT or Real-World Thing or Event ]
Surprisal Value means value arising because Data-Item-Value is not what was expected
Synthetic Data means DataContent that bears no direct
relationship to any real-world Phenomenon
System means a set of interacting Real-World (Id)Entities
whose interactions give rise to behaviour that is materiallyvaluably
different from the behaviour of the elements individually
System User means a User that is provided Permissions for system management purposes
Tacit Knowledge means insights that are informal and intangible, that exist only in the mind of a particular person, and that are experiential, procedural or propositional
Text is a collective word for Content in Data-Formats that are intended to convey natural languages
Thing: A static Real-World element
Thing means a static Real-World Phenomenon. See also
Physical Thing and Virtual Thing
Token: A recording medium on which an Entifier or
Identifier may be recorded
Token means a recording medium on which useful Data is
stored, such as one ore more (Id)Entifiers, Authenticators and/or
Credentials
Transaction is an element of a Conceptual Model that corresponds with a Real-World Event
Transaction-Attribute means an Attribute of a Transaction that reflects a Real-World Property that the modeller considers to be relevant to the purpose
Transaction-Instance means a specific instance of a Transaction
User means an authenticated (Id)Entity, commonly with an (Id)Entifier referred to as a userid, loginid or username, that is provided with the ability to utilise its Permissions to perform specified acts in relation to specified IS Resources. See also End User and System User
Value:
Virtual Thing means a static Real-World Phenomenon that does not have corporeal form. See also Thing and Physical Thing
Wisdom means well-informed judgement, exercised by applying decision criteria to Codified or Tacit Knowledge combined with new Information, possibly also embodying an appreciation of values and/or also applying negotiation among stakeholders in order to seek a best, or least-worst, outcome in terms of the impacts on each of those stakeholders' value-sets
Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor associated with the Allens Hub for Technology, Law and Innovation in UNSW Law, and a Visiting Professor in the Research School of Computer Science at the Australian National University.
| Personalia |
Photographs Presentations Videos |
Access Statistics |
 |
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax. From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 75 million in late 2024. Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer |
Xamax Consultancy Pty Ltd ACN: 002 360 456 78 Sidaway St, Chapman ACT 2611 AUSTRALIA Tel: +61 2 6288 6916 |
Created: 18 June 2022 - Last Amended: 23 June 2023 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/ID/IDM-G-230623.html
Mail to Webmaster - © Xamax Consultancy Pty Ltd, 1995-2024 - Privacy Policy