Difference between revisions of "Corroborated"

From MgmtWiki
Jump to: navigation, search
(Context)
 
(5 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
*A hypothesis about the [[Subject]]'s identity can start with a self-assertion from the [[Subject]]. From there incremental corroboration can be applied until the [[Subject]] has proved sufficient information to allow [[Authorization]] to proceed.
 
*A hypothesis about the [[Subject]]'s identity can start with a self-assertion from the [[Subject]]. From there incremental corroboration can be applied until the [[Subject]] has proved sufficient information to allow [[Authorization]] to proceed.
 
*For example, one detail that may need corroboration is the quality of [[Attested|Attestation]] of the protection offered to [[User]] [[Credential]]s by a [[User Agent]].
 
*For example, one detail that may need corroboration is the quality of [[Attested|Attestation]] of the protection offered to [[User]] [[Credential]]s by a [[User Agent]].
*The context of the [[Authorization]] will also be an important part of the determination sufficiency of the corroboration. For example the risk of (1) releasing information inappropriately or (2) the risk of not getting paid for access to the [[Resource]]. This evaluation is often called [[Fraud Detection]].
+
*The context of the [[Authorization]] will also be an important part of the determination sufficiency of the corroboration. For example the risk (1) of releasing information inappropriately or (2) of not getting paid for access to the [[Resource]]. This evaluation is often called [[Fraud Detection]].
  
 
==Problem==
 
==Problem==
 
Popper nicely described the problem in this way<ref>''The Logic of Scientific Discovery English Edition'' (1959)  chapter X ISBN 0-415-07892-X</ref>
 
Popper nicely described the problem in this way<ref>''The Logic of Scientific Discovery English Edition'' (1959)  chapter X ISBN 0-415-07892-X</ref>
<blockquote>Instead of discussing the 'probability' of a hypothesis we should try to asses what tests, what trials, it has withstood; that is, we should try to assess how far it has been able to prove its fitness to survive by standing up to tests. In brief, we should try to assess how fart it has been [[Corroborated]].
+
<blockquote>Instead of discussing the 'probability' of a hypothesis we should try to asses what tests, what trials, it has withstood; that is, we should try to assess how far it has been able to prove its fitness to survive by standing up to tests. In brief, we should try to assess how far it has been [[Corroborated]].
 
</blockquote>
 
</blockquote>
 +
In the language of this wiki we speak in terms of the number and veracity of the [[Authentication Factor]]s used in [[Authentication]] of the subject.
  
 
==Solution ==
 
==Solution ==
Line 18: Line 19:
  
 
==References==
 
==References==
 +
<references />
 +
===Other Material===
 
# Synonyms include: [[Assurance]] [[Attested]] [[Validated]].
 
# Synonyms include: [[Assurance]] [[Attested]] [[Validated]].
  
 
[[Category:Glossary]]
 
[[Category:Glossary]]
 +
[[Category:Assurance]]
 +
[[Category: Authentication]]
 +
[[Category: Factor]]

Latest revision as of 13:57, 26 May 2024

Full Title or Meme

A hypothesis is Corroborated if some series of tests can confirm the hypothesis about (for example) a Subject's Identity.

Context

  • The Context in which a corroboration of Identity applies is typically during the Authorization of access by a Subject to a Resource.
  • A hypothesis about the Subject's identity can start with a self-assertion from the Subject. From there incremental corroboration can be applied until the Subject has proved sufficient information to allow Authorization to proceed.
  • For example, one detail that may need corroboration is the quality of Attestation of the protection offered to User Credentials by a User Agent.
  • The context of the Authorization will also be an important part of the determination sufficiency of the corroboration. For example the risk (1) of releasing information inappropriately or (2) of not getting paid for access to the Resource. This evaluation is often called Fraud Detection.

Problem

Popper nicely described the problem in this way[1]

Instead of discussing the 'probability' of a hypothesis we should try to asses what tests, what trials, it has withstood; that is, we should try to assess how far it has been able to prove its fitness to survive by standing up to tests. In brief, we should try to assess how far it has been Corroborated.

In the language of this wiki we speak in terms of the number and veracity of the Authentication Factors used in Authentication of the subject.

Solution

The article "Bayesian Identity Proofing" offers one statistical method of incrementally corroborating a User prior to Authorization.

References

  1. The Logic of Scientific Discovery English Edition (1959) chapter X ISBN 0-415-07892-X

Other Material

  1. Synonyms include: Assurance Attested Validated.