Difference between revisions of "Identity Taxonomy"
(→Real World (Legal) Entities) |
(→Virtual Entities) |
||
| Line 26: | Line 26: | ||
Many end-points (aka [[URL]]s) have been assigned and acquired TLS certificates that are deliberately misleading. An attempt to remedy this problem with [[EV Cert]]s has only helped at the margin. Malicious [[Web Site]]s have found ways to get them and still mislead [[User]]s. | Many end-points (aka [[URL]]s) have been assigned and acquired TLS certificates that are deliberately misleading. An attempt to remedy this problem with [[EV Cert]]s has only helped at the margin. Malicious [[Web Site]]s have found ways to get them and still mislead [[User]]s. | ||
| − | A [[Subject]] may very well be a [[Pseudonym]] or brand experience and not a human being. | + | A [[Subject]] may very well be a [[Pseudonym]] or brand experience and not a human being. A [[Subject]] is not necessarily a legal [[Entity]]. |
===Digital Entities=== | ===Digital Entities=== | ||
Revision as of 18:09, 3 November 2018
Contents
Full Title or Meme
This is a list of terms and the way that they are used on this wiki.
Purpose and Scope
- This page is designed to lead users to the right page on this wiki. The terms are defined precisely in the way that the are used on this wiki and will assuredly differ from usages on other sites, which are not consistent.
- This site focuses on rich text Web Sites rather than voice, email or similar interchanges except as they are used in User Authentication.
Context
Interchanges among (1) users, (2) identifier and attribute providers, and (3) relying parties. Not part of this particular wiki context are other trusted third parties.
Real World Subjects
Real World (Legal) Entities
A User is a Subject that is trying to access resources on the internet. Without other modifiers it is considered to be a natural human being.
An incorporated Business or non-governmental organization provides goods or services in the real or digital world. It is not authorized to use force beyond its own physical real-estate.
A Government is a sovereign entity that uses force within its jurisdiction to enforce its laws and regulations.
An Organization or an Enterprise is either a government or other legal Entity, but not a natural human being.
Virtual Entities
A Brand or Doing-Business-As (DBA) is typically a legally protected Identifier but not a legal Entity.
Many end-points (aka URLs) have been assigned and acquired TLS certificates that are deliberately misleading. An attempt to remedy this problem with EV Certs has only helped at the margin. Malicious Web Sites have found ways to get them and still mislead Users.
A Subject may very well be a Pseudonym or brand experience and not a human being. A Subject is not necessarily a legal Entity.
Digital Entities
A Site or Web Site is a target of some interaction over the internet using the HTTP protocol. As of today the site is know by its URL, but there is a proposal to give it a Trusted Identifier.
A Data Controller is any Web Site with access to User Private Information'
Real World Interactions
This is a list of all the non-governmental initiated interactions on the internet. The first entity is the initiator and the second the responder. While C2C is conceivable, it is not yet widespread beyond email and voice.
C2B = consumer to business.
C2G = consumer to government.
B2B = business to business.
B2G = business to government.
List of High-level Functions
These functions will likely be used in different combinations by any real world digital entity.
Claimant is a real-world entity that claims ownership of some set of identifiers and attributes.
Resource is a function of a site that authorizes access based on grants from verified user claims.
Provider is a function of a site that that exposes Resources, or is an Identifier or Attribute Provider or is a Trusted Third Party.
Entity is a named digital site on the internet that will host one or more functions.
List of Low-level Functions
List of Roles
User Agent is a role of a digital entity that operates only on behalf and at the consent of the user. It may be on a device or in the cloud.
Relying Party is a role that can operate as a client of the user if it is granted the right to do so.
Identifier or Attribute Provider is a role that can provide Validated identifier or attributes that apply to a User.
Data Controller is a term used by the GDPR to describe any site that controls User Information. It is not a term that is much used on this wiki.
Trusted Third Party is any of a variety of Data Controller with access to User Private Information, for example Privacy Enhancing Technology Provider.
Abstract Subjects
General Theory of Living Systems
User, Subject, Principal and Consumer are all synonyms at one level or another. User is preferred when a live human being is intended, Subject when unclear.
User Information is composed of User Private Information and User Public Information.
Right to be Forgotten is an attempt in Europe to allow a User to reclassify User Public Information into User Private Information.
