Difference between revisions of "Trust Vector"

From MgmtWiki
Jump to: navigation, search
(Solutions)
Line 3: Line 3:
  
 
==Context==
 
==Context==
[[Bayesian Identity Proofing]] provides the means for a collection of authentication and verification steps to be validated.
+
Internet [[Relying Party|Relying Parties]] need to perform [[Knowledge]]-based functions to determine if the current request by a [[User]] should result in [[Authorization]] of access.
  
 
==Problems==
 
==Problems==
 +
*Many large ecommerce sites are already performing this function, but for obvious reasons do not like to let that fact be known.
 +
*If attackers where to understand the process in full detail, they would know how to subvert it.
  
 
==Solutions==
 
==Solutions==

Revision as of 10:30, 10 August 2018

Full Title or Meme

A collection of Authentication results or Attribute Validations presented to an Authorization Service to control access to a resource, typically digital but possibly physical.

Context

Internet Relying Parties need to perform Knowledge-based functions to determine if the current request by a User should result in Authorization of access.

Problems

  • Many large ecommerce sites are already performing this function, but for obvious reasons do not like to let that fact be known.
  • If attackers where to understand the process in full detail, they would know how to subvert it.

Solutions

References