Corroborated

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

A hypothesis is Corroborated if some series of tests can confirm the hypothesis about (for example) a Subject's Identity.

Context

  • The Context in which a corroboration of Identity applies is typically during the Authorization of access by a Subject to a Resource.
  • A hypothesis about the Subject's identity can start with a self-assertion from the Subject. From there incremental corroboration can be applied until the Subject has proved sufficient information to allow Authorization to proceed.
  • For example, one detail that may need corroboration is the quality of Attestation of the protection offered to User Credentials by a User Agent.
  • The context of the Authorization will also be an important part of the determination sufficiency of the corroboration. For example the risk (1) of releasing information inappropriately or (2) of not getting paid for access to the Resource. This evaluation is often called Fraud Detection.

Problem

Popper nicely described the problem in this way[1]

Instead of discussing the 'probability' of a hypothesis we should try to asses what tests, what trials, it has withstood; that is, we should try to assess how far it has been able to prove its fitness to survive by standing up to tests. In brief, we should try to assess how far it has been Corroborated.

In the language of this wiki we speak in terms of the number and veracity of the Authentication Factors used in Authentication of the subject.

Solution

The article "Bayesian Identity Proofing" offers one statistical method of incrementally corroborating a User prior to Authorization.

References

  1. The Logic of Scientific Discovery English Edition (1959) chapter X ISBN 0-415-07892-X

Other Material

  1. Synonyms include: Assurance Attested Validated.