Version of 27 April 2024
Revised version, to support a set of articles on IdEM
© Xamax Consultancy Pty Ltd, 2004-24
Available under an AEShareNet licence or a Creative Commons licence.
This document is at http://rogerclarke.com/ID/IDM-G.html
This document supersedes the version of 8 April 2024, and the previous versions of 23 June 2023 and 18 June 2022
[ Some degree of change-tracking is achieved by using
strikethrough and underlining. ]
[ The current version may need some revisions once a careful review has been undertaken of recent versions of the set of papers that the Glossary supports. ]
Abstract World means a space in which humans create elements, which may be intended to, or may be assumed to, represent aspects of the Real World, in which case the representation may be more or less reliable
Access Control means a process within the Operational Phase of Id/Entity Management which utilises previously recorded Permissions to establish a Session that enables a User to exercise the appropriate Permissions
Account means the data-holdings or profile associated with an Actor or Id/Entity-Instance for which an Authorization process has created a Permission
Active Imposed Digital Persona: An Imposed Digital Persona that enables the person controlling it to influence the actions of the Id/Entity associated with it
Active Projected Digital Persona: A Projected Digital Persona that is capable of taking actions as an agent for the individual
Actor means any Real-World Thing capable of Action on a Resource, including humans and some categories of artefact
Action means an operation performed:
Anonym means an Identifier that cannot be associated with any particular Entity-Instance, whether from the Data itself, or by combining it with other Data
Anonymity means that characteristic of an Identity, whereby it cannot be associated with any particular Entity, whether from the Data itself, or by combining it with other Data
Assertion means an expression of knowledge about one or more elements of the pragmatic metatheoretic model
Attribute means a characteristic of an element at the Conceptual Model level, in particular of an Entity, Identity or a Transaction
Authentication means a process that uses Evidence to establish a degree of confidence in the reliability of an Assertion
Authenticator means an item of Evidence
Authorization means a process within the Registration Phase of Id/Entity Management, whereby an Authorization Authority decides whether or not to declare that an Actor has one or more Permissions in relation to a particular IS or Physical Resource
Authorization Authority means an Entity with legal or practical power (de jure or de facto) to determine whether and what Permissions a particular Actor has in relation to a particular IS or Physical Resource
Authorized User. See User
Avatar means a visual representation or embodiment of a Digital Persona, static or moving, which represents, or substitutes for, the (or an) underlying Id/Entity
Candidate-Identifier means any combination of Data-Items in a Record that is considered capable of achieving reliable matches against the relevant Data-Items in another Record
Codified Knowledge means Data that is expressed and recorded in a more or less formal language
Conceptual Model means a representation of a system at a more abstract level than a Data Model, reflecting the modeller's perception of Phenomena, by postulating Entities and Entity-Instances and presentations of Entities called Identities (to represent Things), and Transactions (to represent Events), with Relationships of various kinds among them, each of which may have Attributes (to represent Properties)
Confirmatory Information means evidence that reinforces a tentative judgement or opinion
Content is a collective word for Data, in particular for that Data which is included within a particular instance of a Storage-Medium
Context means the prevailing circumstances, or (in decision theory) a collection of settings of environmental variables
Credential means an Authenticator that carries the imprimatur of some form of Authority
Credential Authority means an Id/Entity that is recognised as providing assurance regarding the reliability of an Authenticator
Data means any symbol, sign or measure that is in a form accessible to a person and/or an artefact
Database means a collection of Files or Data-Sets
Data-Format is a technical specification for the recording of Data on a Storage-Medium
Data-Item means a storage-location in which a discrete Data-Item-Value can be represented
Data-Item-Value means the Content of a particular Data-Item within a particular Record. It may be Empirical Data or Synthetic Data
Data Model means a representation of a system at a less abstract level than a Conceptual Model, which has as its focus Data that represents the Conceptual Model's abstract notions
Data-Record means a collection of Data-Items that refers to a single Real-World Thing or Event
Data-Set means a collection of Records. Also File
Decision means a commitment to a course of action
Digital Persona means a model of an Id/Entity's public personality, based on Data, and intended for use as a proxy for the Id/Entity. Operationally, a Data-Record sufficiently rich to provide an adequate image of the represented Id/Entity
Domain means the set of valid Data-Item-Values that can appear in a particular Data-Item
Empirical Data means Data that is intended to represent a Property of a Real-World Phenomenon
End User means a User that is provided Permissions for application purposes
Enrolment means a process within the Registration Phase of Id/Entity Management, in which Data is recorded to enable the Operational Phase to be conducted in an effective and efficient manner
Entification means a process whereby Data is associated with a particular Entity by acquiring or postulating an Entifier for the Entity
Entifier means a set of Data-items that are together sufficient to distinguish a particular Entity-Instance from others in the same category
Entity means an element at the Conceptual-Model level that models a Real-World Physical Thing
Entity Assertion is a claim that a particular Physical Thing is appropriately associated with one or more Entity-Records, by means of one or more Entifiers
Entity-Attribute is an element of a Conceptual Model that represents a Real-World Property of a Thing
Entity Authentication means a process that establishes a degree of confidence in the reliability of an Entity Assertion
Entity-Instance means a particular instance of an Entity
Entity-Record means a collection of Data-Items that refer to a single Physical Thing
Event means a Real-World occurrence that gives rise to changes in the Properties of Things
Evidence means Data that assists in determining a level of confidence in the reliability of an Assertion
Evidence of Entity (EoE) means one or more Authenticators used in relation to Entity Assertions
Evidence of Identity (EoI) means one or more Authenticators used in relation to Identity Assertions. The term Proof of Identity (PoI) is deprecated
File means a collection of Records. Also Data-Set
Function means a general description of a cluster of activities and Tasks that together form a cohesive whole
General-Purpose Identifier means an Identifier that was designed for, or has come to be used for, any and all purposes (cf. Identity Silo and Multi-Purpose Identifier)
Identification means a process whereby Data is associated with a particular Identity by acquiring or postulating an Identifier for the Identity
Identifier means a set of Data-items that are together sufficient to distinguish a particular Identity-Instance from others in the same category
Identity means an element at the Conceptual-Model level that models a Real-World Virtual Thing, e.g. arising from an Entity's performance in a particular Role
Identity Assertion means a claim that a particular Virtual Thing is appropriately associated with one or more Identity-Records, by means of one or more Identifiers
Identity-Attribute: An element of a Conceptual Model that represents a Real-World Property of a Thing
Identity Authentication means a process that establishes a degree of confidence in the reliability of an Identity Assertion
Identity-Instance means a particular instance of an Identity
Identity Management (IdM) means the architectures, infrastructure and processes conventionally used to support the Authentication of Identity Assertions. For a replacement notion that overcomes IdM's deficiencies, see Id/Entity Management (Id/EM)
Identity-Record means a collection of Data-Items that refer to a single Virtual Thing
Identity Silo means an Identity, and its associated Identifier(s), that are used for a restricted purpose (cf. Multi-Purpose Identifier and General-Purpose Identifier)
Id/Entification means a process within either the Registration or Operational process of Id/Entity Management, whereby Data is associated with a particular Id/Entity. This necessarily involves the provision, acquisition or postulation of either an Identifier (for Identification) or an Entifier (for Entification)
Id/Entifier means a set of Data-Items that are together sufficient to distinguish a particular Id/Entity-Instance in the Abstract World from other Id/Entity Instances
Id/Entity encompasses both Entity and Identity, and means an element of the Abstract World that models a Real-World Physical Thing (in the case of an Entity) or Virtual Thing (in the case of an Identity)
Id/Entity-Instance means a particular instance of an Id/Entity
Id/Entity Authentication means a process that establishes a degree of confidence in the reliability of an Id/Entity Assertion
Id/Entity Management (Id/EM) means the architecture, infrastructure and processes whereby access to Resources is enabled for appropriate Identity-Instances, and otherwise denied. It is a replacement for conventional Identity Management (IdM), designed to overcome IdM's inherent weaknesses
Imposed Digital Persona means a Digital Persona controlled by someone other than the individual it is associated with
Imposter means an Actor that is improperly recognised as another Actor achieves Authentication and is thereby able to exercise Permissions that have been granted to a particular Id/Entity, despite not being an appropriate Entity to be authenticated as that particular Id/Entity
Information means Data that makes a difference, or Data that has value, or Data that has Relevance in a particular Context
Information System (IS) means a set of interacting elements that performs one or more functions involving the handling of Data and Information, including data creation, editing, processing and storage; and information selection, filtering, aggregation, presentation and use
Information Technology (IT) means artefacts designed for the purpose of supporting IS
IS discipline comprises researchers concerned with systematic data creation and information production, communication and use, and their management, impacts and implications
IS profession comprises practitioners concerned with systematic data creation and information production, communication and use, and their management, impacts and implications
IS Resource means Data or Process in the Abstract World, on which an Actor is capable of undertaking an Action. See also Resource and Physical Resource
Knowledge means:
Login means a process whereby an Actor communicates a request to exercise Permissions granted to a particular Id/Entity, which triggers an Operational Authentication process, and, if successful, an Access Control process, which creates a Session
Masquerade means one or more Actions by an Imposter in relation to a particular Resource
Metadata means Data that describes an Attribute of some other Data-related construct
Model means an Abstract-World representation of a Real-World System
Multi-Purpose Identifier means an Identifier that was designed for, or has come to be used for, multiple purposes (cf. Identity Silo and General-Purpose Identifier)
Nym is a generic term encompassing both Anonym and Pseudonym
Nymity is a generic term encompassing both Anonymity and Pseudonymity
Operational Authentication means a process within the Operational Phase of Id/Entity Management, which utilises previously-recorded Means of Authentication, to achieve a degree of confidence in the reliability of an Id/Entity Assertion
Operational Phase means the main phase of Id/Entity Management, comprising Id/Entification, Authentication and Access Control processes
Permission means an entitlement, or legal or practical (de jure or de facto) authority, to be provided with the capability to perform a specified Action in relation to a specified IS or Physical Resource, for a particular Purpose, Use, Function or Task:
Actor-Instance may-perform Action-Instance on { Resource, Resource-Instance }
Permission Breach means an Action in relation to a particular Resource that is performed other than in accordance with the Permission granted, whether through malfunction or other than for the particular Purpose, Use, Function or Task for which the Permission was granted
Persistent Nym is a Nym that is used for an extended period of time
Personal-Data-De-Identification is a process that purports to prevent Data from being reliably associated with the relevant human Id/Entity (if any)
Personal-Data-Re-Identification is a process that, despite the prior application of a Personal-Data-De-Identification process, purports to reliably associate Data with the relevant human Id/Entity
Personal-Data-Falsification is a process whereby Personal Data is changed in such a manner that it is rendered valueless for any purpose relating to the administration of relationships between organisations and particular individuals. It converts Empirical Data, that reflects an Attribute of a Real-World human Id/Entity, into Synthetic Data that represents a plausible Phenomenon, but not a real one
Personal-Data-Item is a Data-Item that purports to be associated with a human Id/Entity
Personal-Data-Item-Value is a Data-Item-Value that purports to represent some Attribute of a human Id/Entity
Phenomenon is a collective term for Real-World Physical and Virtual Things, Events and Properties
Physical Resource means a Thing, Event or Property in the Real World, on which an Actor is capable of undertaking an Action. See also Resource and IS Resource
Physical Thing means a static Real-World Phenomenon with corporeal form. See also Thing and Virtual Thing
Pre-Authentication means a process within the Registration Phase of Id/Entity Management, in which Evidence is acquired and evaluated, to establish a degree of confidence in the reliability of Assertions of Id/Entity Assertion and of the appropriateness of providing that Id/Entity with a Permission
Projected Digital Persona means a Digital Persona under the control of the individual
Proof of Identity (PoI) is a deprecated term for an Authenticator used in relation to Identity Assertions. See instead Evidence of Identity (EoI)
Property means an aspect, feature or characteristic of a Phenomenon
Property Assertion means a claim that a particular Thing has a particular Property, based on one or more particular Data-Item-Values in one or more particular Id/Entity Records.
Pseudonym means an Identifier that may be able to be associated with a particular Entity-Instance, but only if legal, organisational and technical constraints are overcome
Pseudonymity means that characteristic of an Identity whereby it may be able to be associated with a particular Entity, but only if legal, organisational and technical constraints are overcome
Purpose means a general category of Uses to which a Resource may be put
Real World means a space in which Phenomena called Things are postulated to exist and Events are postulated to occur. See also Abstract-World
Real-World Data: See Empirical Data
Record means a collection of Data-Items that refers to a single Real-World Thing or Event. See also Entity-Record, Identity-Record and Transaction-Record
Record-Key means any one or more Data-Items held in a Data-Record whose value(s), alone or in combination, are sufficient to distinguish that Data-Record from other Data-Records. See also Entifier and Identifier
Refutative Information means evidence that contradicts a tentative judgement or opinion
Registration Phase means the preliminary phase of Id/Entity Management, comprising Id/Entification, Pre-Authentication, Authorization and Enrolment processes
Relationship means a linkage between two elements within the Conceptual Model level
Relationship-Attribute means an Attribute of a Relationship
Relevance, in relation to particular Data, means the capacity of that Data to affect a particular Context
Relying Party means an Id/Entity that relies on Evidence that is purported to support an Assertion
Resource means either an IS Resource or a Physical Resource
Role means a coherent pattern of behaviour performed in a particular context
Session means a period of time during which a User is able to exercise its Permissions in relation to particular Resources
Storage-Medium means a Real-World Object whose purpose is to store Data
Subject means any Thing capable of action on an IS or Physical Resource
Surprisal Value means value arising because a Data-Item-Value is not what was expected
Synthetic Data means Data that bears no direct relationship to any real-world Phenomenon
System means a set of interacting Real-World Id/Entities whose interactions give rise to behaviour that is materially different from the behaviour of the elements individually
System User means a User that is provided Permissions for system management purposes
Tacit Knowledge means insights that are informal and intangible, that exist only in the mind of a particular person, and that are experiential, procedural or propositional
Task means a specific activity in relation to an IS or Physical Resource
Text is a collective word for Content in Data-Formats that are intended to convey natural languages
Thing means a static Real-World Phenomenon. See also Physical Thing and Virtual Thing
Token means a recording medium on which useful Data is stored, such as one or more Id/Entifiers, Authenticators and/or Credentials
Transaction is an element of a Conceptual Model that corresponds with a Real-World Event
Transaction-Attribute means an Attribute of a Transaction that reflects a Real-World Property that the modeller considers to be relevant to the purpose
Transaction-Instance means a specific instance of a Transaction
Transaction-Record means a collection of Data-Items that refer to a single Event
Use means a specific category of Purpose to which a Resource may be put
User means an authenticated Id/Entity that is provided with a Session that enables it to exercise its Permissions to perform particular Actions in relation to particular Resources. Aka: Authorized User. See also End User and System User
Value:
Virtual Thing means a static Real-World Phenomenon that does not have corporeal form. See also Thing and Physical Thing
Wisdom means well-informed judgement, exercised by applying decision criteria to Codified or Tacit Knowledge combined with new Information, possibly also embodying an appreciation of values and/or also applying negotiation among stakeholders in order to seek a best, or least-worst, outcome in terms of the impacts on each of those stakeholders' value-sets
Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor associated with the Allens Hub for Technology, Law and Innovation in UNSW Law, and a Visiting Professor in the Research School of Computer Science at the Australian National University.
Created: 18 June 2022 - Last Amended: 27 April 2024 by Roger Clarke - Site Last Verified: 15 February 2009