|
Identity assurance in the context of federated identity management is the ability for a party to determine, with some level of certainty, that an electronic credential representing an entity (human or a machine) with which it interacts to effect a transaction, can be trusted to actually belong to the entity. In the case where the entity is a person, identity assurance is the level at which the credential being presented can be trusted to be a proxy for the individual to whom it was issued and not someone else. Assurance levels (ALs) are the levels of trust associated with a credential as measured by the associated technology, processes, and policy and practice statements. ==Description== Identity assurance, in an online context, is the ability of a relying party to determine, with some level of certainty, that a claim to a particular identity made by some entity can be trusted to actually be the claimant's "true" identity. Identity claims are made by presenting an identity credential to the Relying Party. In the case where the entity is a person, this credential may take several forms, including: (a) personally identifiable information such as name, address, birthdate, etc.; (b) an identity proxy such a username, login identifier (user name), or email address; and (c) an X.509 digital certificate. Identity assurance specifically refers to the degree of certainty of an identity assertion made by an identity provider by presenting an identity credential to the Relying Party. In order to issue this assertion, the Identity Provider must first determine whether or not the claimant possesses and controls an appropriate token, using a predefined authentication protocol. Depending on the outcome of this authentication procedure, the assertion returned to the Relying Party by the Identity Provider allows the Relying Party to decide whether or not to trust that the identity associated with the credential actually "belongs" to the person presenting the credential. The degree of certainty that a relying party can have about the true identity of someone presenting an identity credential is known as the assurance level (ALs). Four levels of assurance were outlined by a 2006 document from the US National Institute of Standards and Technology. The level of assurance is measured by the strength and rigor of the identity proofing process, the strength of the token used to authenticate the identity claim, and the management processes the identity provider applies to it. These four levels were adopted by the governments of the U.K., Canada and the U.S. for electronic government services. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Identity assurance」の詳細全文を読む スポンサード リンク
|