Difference between revisions of "Verified Information"

From MgmtWiki
Jump to: navigation, search
(Context)
(Solution)
Line 10: Line 10:
  
 
==Solution==
 
==Solution==
Claims typically go through a series of steps, for example:
+
This wiki discusses one specific solution to the acquisition, interpretation and Protected storage of Data. Specifically it looks at packets of data together with meta data.
# A [[User]] will go to a [[Web Site]] hosting a [[Resource]] that the user wants to access.
 
# The [[Web Site]] will send a scope to a [[User]] asking for [[Claim]]s to authorize access.
 
# The [[User Agent]] should know, a priori, where to send the [[Claim]]s for verification.
 
# The [[Verified Claim]]s will be collected and forwarded to the [[Web Site]].
 
# The [[Web Site]] will evaluate the [[Verified Claim]]s and determine whether to authorize access to the resource.
 
# Optionally the [[Web Site]] will request additional claims to meet the needs to authorize access.
 
 
 
* In computer networking a variety of statements can be made by a user to acquire authorized access to a resource.
 
* The distinction as to [[Authentication]], who a user is, versus [[Authorization]], or what that user is permitted to do, is no longer helpful.
 
* NIST has recognized that there are multiple metrics for the [[Assurance]] of statements about a user in their third update to SP 800-63-B
 
  
 
==References==
 
==References==

Revision as of 08:25, 2 November 2019

Full Title or Meme

A collection of Verified Claims or data together with the context that can provides meaning to the provenance, meaning and accessibility of that data.

Context

While a great deal of ink has been expended (and captured on the wiki page Information) at is core information is most useful when view as input to a decision process. That decision process must be able to evaluate all of the data available, understand the reliability of the data and then act on the data. The better the information content of data, the more valuable it is. This wiki page is about creating packets of data together with the Provenance of the data, the Meaning of the data and the Access to the data. Lets look at each of those three categories:

Provenance of Data

Meaning of the Data

Access to the Data

  • Information (aka contextualized data) is valuable.

Solution

This wiki discusses one specific solution to the acquisition, interpretation and Protected storage of Data. Specifically it looks at packets of data together with meta data.

References

Other Material