Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2024
Infrastructure
& Privacy
Matilda
Roger Clarke's Web-Site© Xamax Consultancy Pty Ltd, 1995-2024 |
|
|||||
| HOME | eBusiness |
Information Infrastructure |
Dataveillance & Privacy |
Identity Matters | Other Topics | |
| What's New |
Waltzing Matilda | Advanced Site-Search | ||||
Version of 8 April 2024
Revised version, to support a set of articles on IdEM
© Xamax Consultancy Pty Ltd, 2004-24
Available under an AEShareNet 
licence or a Creative
Commons 
licence.
This document is at http://rogerclarke.com/ID/IDM-G.html
This document supersedes the version of 23 June 2023
That document superseded the version of 18 June 2022
[ Some degree of change-tracking is achieved by using
strikethrough on prior versions. ]
[ The current version will need some revisions once a careful review has been undertaken of recent versions of the set of papers that the Glossary supports. ]
Abstract World means a space in which humans create elements, which may be intended to, or may be assumed to, represent aspects of the Real World, in which case the representation may be more or less reliable
Access Control means a the process within the
Operational Phase of Id/Entity Management which utilises previously recorded
Permissions to establish a Session that enables a User an authorized
user to exercise the appropriate Permissions
Account means the data-holdings or profile associated with an
Actor or Id/Entity-Instance a Subject or (Id)Entity-Instance for which
an Authorization process has created a Permission
Active Imposed Digital Persona: An Imposed Digital Persona that enables the person controlling it to influence the actions of the Id/Entity associated with it
Active Projected Digital Persona: A Projected Digital Persona that is capable of taking actions as an agent for the individual
Actor means any Real-World Thing capable of Action on a Resource, including humans and some categories of artefact
Action means an operation performed:
Anonym means an Identifier that cannot be associated with any particular Entity-Instance, whether from the Data itself, or by combining it with other Data
Anonymity means that characteristic of an Identity, whereby it cannot be associated with any particular Entity, whether from the Data itself, or by combining it with other Data
Assertion means an expression of knowledge about one of more elements of the pragmatic metatheoretic model
Attribute means a characteristic of an element at the Conceptual Model level, in particular of an Entity, Identity or a Transaction
Authentication means a process within the Operational Phase
of (Id)Entity Management, which utilises the recorded Means of
Authentication that uses Evidence to establish a degree of confidence in
the reliability of an Assertion
Authenticator means an item of Evidence
Authority means an Entity that is recognised as
providing assurance regarding the reliability of an Authenticator
Authorization means a process within the Registration Phase of
Id/Entity Management, whereby an Authorization Authority decides whether or not
to declare that an Actor a Subject has one or more Permissions in
relation to a particular IS or Physical Resource [ INSERT or Real-World
Thing or Event ]
Authorization Authority means an Entity with legal or
practical power (de juré or de facto) to determine
whether and what Permissions a particular Actor has in relation to a particular
IS or Physical Resource whether a particular Subject has a particular
Permission in relation to a particular IS Resource [ INSERT or Real-World Thing
or Event ]
Authorized User. See User
Avatar means a visual representation or embodiment of a Digital Persona, static or moving, which represents, or substitutes for, the (or an) underlying Id/Entity
Candidate-Identifier means any combination of Data-Items in a Record that is considered capable of achieving reliable matches against the relevant Data-Items in another Record
Codified Knowledge means Data that is expressed and recorded in a more or less formal language
Conceptual Model means a representation of a system at more abstract level than a Data Model, reflecting the modeller's perception of Phenomena, by postulating Entities and Entity-Instances and presentations of Entities called Identities (to represent Things), and Transactions (to represent Events), with Relationships of various kinds among them, each of which may have Attributes (to represent Properties)
Confirmatory Information means evidence that reinforces a tentative judgement or opinion
Content is a collective word for Data, in particular for that Data which is included within a particular instance of a Storage-Medium
Context means the prevailing circumstances, or (in decision theory) a collection of settings of environmental variables
Credential means an Authenticator that carries the imprimatur of some form of Authority
Credential Authority means an Id/Entity that is recognised as providing assurance regarding the reliability of an Authenticator
Data means any symbol, sign or measure that is in a form accessible to a person and/or an artefact
Database means a collection of Files or Data-Sets
Data-Format is a technical specification for the recording of Data on a Storage-Medium
Data-Item means a storage-location in which a discrete Data-Item-Value can be represented
Data-Item-Value means the Content of a particular Data-Item within a particular Record. It may Empirical Data or Synthetic Data
Data Model means a representation of a system at a less abstract level than a Conceptual Model, which has as its focus Data that represents the Conceptual Model's abstract notions
Data-Record means a collection of Data-Items that refers to a single Real-World Thing or Event
Data-Set means a collection of Records. Also File
Decision means a commitment to a course of action
Digital Persona means, conceptually, a model of an
individual's public personality based on Data and maintained by Transactions,
and intended for use as a proxy for the individual; and, operationally, a
Record that is sufficiently rich to provide the record-holder with an adequate
image of the represented Entity or Identity
Digital Persona means a model of an Id/Entity's public personality, based on Data, and intended for use as a proxy for the Id/Entity. Operationally, a Data-Record sufficiently rich to provide an adequate image of the represented Id/Entity
Domain means the set of valid Data-Item-Values that can appear in a particular Data-Item
Empirical Data means Data that is intended to represent a Property of a Real-World Phenomenon
End User means a User that is provided Permissions for application purposes
Enrolment means a process within the Registration Phase of
Id/Entity Management, in which Data is recorded to facilitate the conducts
ofenable the Operational Phase to be conducted in an effective and
efficient manner
Entification means thea process whereby Data is
associated with a particular Entity. This is achieved by acquiring or
postulating an Entifier for the Entity
Entifier means a set of Data-items that are together sufficient to distinguish a particular Entity-Instance from others in the same category
Entity means an element at the Conceptual-Model level that
representsmodels a Real-World Physical Thing
Entity Assertion is a claim that a particular Physical Thing is appropriately associated with one or more Entity-Records, by means of one or more Entifiers
Entity-Attribute is an element of a Conceptual Model that represents a Real-World Property of a Thing
Entity Authentication means a process that establishes a degree of confidence in the reliability of an Entity Assertion
Entity-Instance means a particular instance of an Entity
Entity-Record means a collection of Data-Items that refer to a single Physical Thing
Event means a Real-World occurrence that gives rise to changes in the Properties of Things
Evidence means Data that assists in determining a level of confidence in the reliability of an Assertion
Evidence of Entity (EoE) means one or more Authenticators used in relation to Entity Assertions
Evidence of Identity (EoI) means one or more Authenticators used in relation to Identity Assertions. The term Proof of Identity (PoI) is deprecated
File means a collection of Records. Also Data-Set
Function means a general description of a cluster of activities and Tasks that together form a cohesive whole
General-Purpose Identifier means an Identifier that was designed for, or has come to be used for, any and all purposes (cf. Identity Silo and Multi-Purpose Identifier)
Identification means thea process whereby Data is
associated with a particular Identity. This is achieved by acquiring or
postulating an Identifier for the Identity
Identifier means a set of Data-items that are together sufficient to distinguish a particular Identity-Instance from others in the same category
Identity means an element at the Conceptual-Model level that
corresponds withmodels a Real-World Virtual Thing, e.g. arising from an
Entity's performance in a particular Role
Identity Assertion means a claim that a particular Virtual Thing is appropriately associated with one or more Identity-Records, by means of one or more Identifiers
Identity-Attribute: An element of a Conceptual Model that represents a Real-World Property of a Thing
Identity Authentication means a process that establishes a degree of confidence in the reliability of an Identity Assertion
Identity-Instance means a particular instance of an Identity
Identity Management (IdM) means the architectures, infrastructure and processes conventionally used to support the Authentication of Identity Assertions. For a replacement notion that overcomes IdM's deficiencies, see Id/Entity Management (Id/EM)
Identity-Record means a collection of Data-Items that refer to a single Virtual Thing
Identity Silo means an Identity, and its associated Identifier(s), that are used for a restricted purpose (cf. Multi-Purpose Identifier and General-Purpose Identifier)
Id/Entification Process means a process within
either the Registration or Operational process of Id/Entity Management, in
which one or more Assertions are made that relate to Id/Entitywhereby Data
is associated with a particular Id/Entity. This necessarily involves the
provision, acquisition or postulation of either an Identifier (for
Identification) or an Entifier (for Entification). It may also enable
association with Data stored about that Id/Entifier
Id/Entifier means a set of Data-Items that are together sufficient to distinguish a particular Id/Entity-Instance in the Abstract World from other Id/Entity Instances
Id/Entity encompasses both Entity and Identity, and means an
element of the Abstract World that representsmodels a Real-World
Physical Thing (in the case of an Entity) or Virtual Thing (in the case of an
Identity)
Id/Entity-Instance means a particular instance of an Id/Entity
Id/Entity Authentication means a process that establishes a degree of confidence in the reliability of an Id/Entity Assertion
Id/Entity Management (Id/EM) means the architecture,
infrastructure and processes whereby access to IS Resources is enabled
for appropriate UsersIdentity-Instances, and otherwise denied. It is a
replacement for conventional Identity Management (IdM), designed to overcome
IdM's inherent weaknesses
Imposed Digital Persona means a Digital Persona controlled by someone other than the individual it is associated with
Imposter means an Actor that achieves Authentication and is thereby able to exercise Permissions that have been granted to a particular Id/Entity, despite not being an appropriate Entity to be authenticated as that particular Id/Entity
Information means Data that makes a difference, or Data that has value, or Data that has Relevance in a particular Context
Information System (IS) means a set of interacting elements that performs one or more functions involving the handling of Data and Information, including data creation, editing, processing and storage; and information selection, filtering, aggregration, presentation and use
Information Technology (IT) means artefacts designed for the purpose of supporting IS
IS discipline comprises researchers concerned with systematic data creation and information production, communication and use, and their management, impacts and implications
IS profession comprises practitioners concerned with systematic data creation and information production, communication and use, and their management, impacts and implications
IS Resource (or IS Object) means an Abstract-World
Data or Process, that is capable of being acted upon
IS Resource means Data or Process in the Abstract World, on which an Actor is capable of undertaking an Action. See also Resource and Physical Resource
Knowledge means:
Login means a process whereby an an Actor Entity
communicates a request to exercise Permissions granted to a particular
Id/Entity Subject, which triggers an Operational Authentication process,
and, if successful, an Access Control process, which creates a Session
Masquerade means one or more Actions by an Imposter in relation to a particular Resource
Metadata means Data that describes an Attribute of some other Data-related construct
Model means an Abstract-World representation of a Real-World System
Multi-Purpose Identifier means an Identifier that was designed for, or has come to be used for, multiple purposes (cf. Identity Silo and General-Purpose Identifier)
Nym is a generic term encompassing both Anonym and Pseudonym
Nymity is a generic term encompassing both Anonymity and Pseudonymity
Operational Authentication means a process within the Operational Phase of Id/Entity Management, which utilises previously-recorded Means of Authentication, to achieve a degree of confidence in the reliability of an Id/Entity Assertion
Operational Phase means the main phase of Id/Entity Management, comprising Id/Entification, Authentication and Access Control processes
Permission means an entitlement, or legal or
practical (de juré or de facto) authority, to be provided with the
capability to perform a specified actAction in relation to a specified
IS or Physical Resource [ INSERT or Real-World Thing or Event ], for a
particular Purpose, Use, Function or Task:
Actor-Instance
may-perform Action-Instance on { Resource, Resource-Instance }
Permission Breach means an Action in relation to a particular Resource that is performed other than for the particular Purpose, Use, Function or Task for which the Permission was granted
Persistent Nym is a Nym that is used for an extended period of time
Personal-Data-De-Identification is a process that purports to prevent Data from being reliably associated with the relevant human Id/Entity (if any)
Personal-Data-Re-Identification is a process that, despite the prior application of a Personal-Data-De-Identification process, purports to reliably associate Data with the relevant human Id/Entity
Personal-Data-Falsification is a process whereby Personal Data is changed in such a manner that is rendered valueless for any purpose relating to the administration of relationships between organisations and particular individuals. It converts Empirical Data, that reflects an Attribute of A Real-World human Id/Entity, into Synthetic Data that represents a plausible Phenomenon, but not a real one
Personal-Data-Item is a Data-Item that purports to be associated with a human Id/Entity
Personal-Data-Item-Value is a Data-Item-Value that purports to represent some Attribute of a human Id/Entity
Phenomenon is a collective term for Real-World Physical and Virtual Things, Events and Properties
Physical Resource means a Thing, Event or Property in the Real World, on which an Actor is capable of undertaking an Action. See also Resource and IS Resource
Physical Thing means a static Real-World Phenomenon with corporeal form. See also Thing and Virtual Thing
Pre-Authentication means a process within the Registration
Phase of Id/Entity Management, in which Evidence is acquired and evaluated,
and possibly additional Evidence acquired and evaluated, in order to
establish a degree of confidence in the reliability of Assertions
of Id/Entity Assertion and of the appropriateness of providing that
Id/Entity with a Permission
Projected Digital Persona means a Digital Persona under the control of the individual
Proof of Identity (PoI) is a deprecated term for an Authenticator used in relation to Identity Assertions. See instead Evidence of Identity (EoI)
Property means an aspect, feature or characteristic of a Phenomenon
Property Assertion means a claim that a particular Thing has a particular Property, based on one or more particular Data-Item-Values in one or more particular Id/Entity Records.
Pseudonym means an Identifier that may be able to be associated with a particular Entity-Instance, but only if legal, organisational and technical constraints are overcome
Pseudonymity means that characteristic of an Identity whereby it may be able to be associated with a particular Entity, but only if legal, organisational and technical constraints are overcome
Purpose means a general category of Uses to which a Resource may be put
Real World means a space in which Phenomena called Things are postulated to exist and Events are postulated to occur. See also Abstract-World
Real-World Data: See Empirical Data
Record means a collection of Data-Items that refers
to a single Real-World Thing or Event
Record-Key means any one or more Data-Items held in a Data-Record whose value(s), alone or in combination, are sufficient to distinguish that Data-Record from other Data-Records. See also Entifier and Identifier
Refutative Information means evidence that contradicts a tentative judgement or opinion
Registration Phase means the preliminary phase of Id/Entity Management, comprising Id/Entification, Pre-Authentication, Authorization and Enrolment processes
Relationship means a linkage between two elements within the Conceptual Model level
Relationship-Attribute means an Atttribute of a Relationship
Relevance, in relation to particular Data, means the capacity of that Data to affect a particular Context
Relying Party means an Id/Entity that relies on Evidence that is purported to support an Assertion
Resource means either an IS Resource or a Physical Resource
Role means a coherent pattern of behaviour performed in a particular context
Session means a period of time during which a User an
authenticated (Id)Entity is able to exercise utilise its Permissions
in relation to gain access to particular IS Resources
Storage-Medium means a Real-World Object whose purpose is to store Data
Subject means any Physical Thing or Virtual Thing [
INSERT or Real-World Thing or Event ] capable of action on an IS or
Physical Resource [ INSERT or Real-World Thing or Event ]
Surprisal Value means value arising because Data-Item-Value is not what was expected
Synthetic Data means Data that bears no direct relationship to any real-world Phenomenon
System means a set of interacting Real-World Id/Entities whose interactions give rise to behaviour that is materially different from the behaviour of the elements individually
System User means a User that is provided Permissions for system management purposes
Tacit Knowledge means insights that are informal and intangible, that exist only in the mind of a particular person, and that are experiential, procedural or propositional
Task means a specific activity in relation to an IS or Physical Resource
Text is a collective word for Content in Data-Formats that are intended to convey natural languages
Thing means a static Real-World Phenomenon. See also Physical Thing and Virtual Thing
Token means a recording medium on which useful Data is stored, such as one ore more Id/Entifiers, Authenticators and/or Credentials
Transaction is an element of a Conceptual Model that corresponds with a Real-World Event
Transaction-Attribute means an Attribute of a Transaction that reflects a Real-World Property that the modeller considers to be relevant to the purpose
Transaction-Instance means a specific instance of a Transaction
Use means a specific category of Purpose to which a Resource may be put
User means an authenticated Id/Entity that is provided with a
Session that enables it to exercise the ability to utilise its
Permissions to perform particular Actions specified acts in relation to
particular specified IS Resources. Aka: Authorized User. See also End
User and System User
Value:
Virtual Thing means a static Real-World Phenomenon that does not have corporeal form. See also Thing and Physical Thing
Wisdom means well-informed judgement, exercised by applying decision criteria to Codified or Tacit Knowledge combined with new Information, possibly also embodying an appreciation of values and/or also applying negotiation among stakeholders in order to seek a best, or least-worst, outcome in terms of the impacts on each of those stakeholders' value-sets
Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor associated with the Allens Hub for Technology, Law and Innovation in UNSW Law, and a Visiting Professor in the Research School of Computer Science at the Australian National University.
| Personalia |
Photographs Presentations Videos |
Access Statistics |
 |
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax. From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021. Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer |
Xamax Consultancy Pty Ltd ACN: 002 360 456 78 Sidaway St, Chapman ACT 2611 AUSTRALIA Tel: +61 2 6288 6916 |
Created: 18 June 2022 - Last Amended: 8 April 2024 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/ID/IDM-G.html
Mail to Webmaster - © Xamax Consultancy Pty Ltd, 1995-2022 - Privacy Policy