Full Title or Meme
- The Context in which a corroboration of Identity applies is typically during the Authorization of access by a Subject to a Resource.
- A hypothesis about the Subject's identity can start with a self-assertion from the Subject. From there incremental corroboration can be applied until the Subject has proved sufficient information to allow Authorization to proceed.
- For example, one detail that may need corroboration is the quality of Attestation of the protection offered to User Credentials by a User Agent.
- The context of the Authorization will also be an important part of the determination sufficiency of the corroboration. For example the risk (1) of releasing information inappropriately or (2) of not getting paid for access to the Resource. This evaluation is often called Fraud Detection.
Popper nicely described the problem in this way
Instead of discussing the 'probability' of a hypothesis we should try to asses what tests, what trials, it has withstood; that is, we should try to assess how far it has been able to prove its fitness to survive by standing up to tests. In brief, we should try to assess how fart it has been Corroborated.