Full Title or Meme
A collection of Verified Claims or data together with the context that can provides meaning to the provenance, meaning and accessibility of that data.
- Any site can host data about a Subject and even offer to sell that data to others. Several problems are associated with that exchange:
- The data may be false through negligence, incompetence or out-right fraud.
- The site that contains the data may have no right to share that data with others.
- A claim represents a data item without much context. Adding context to that data can create Verified Information which can have great value.
Claims typically go through a series of steps, for example:
- A User will go to a Web Site hosting a Resource that the user wants to access.
- The Web Site will send a scope to a User asking for Claims to authorize access.
- The User Agent should know, a priori, where to send the Claims for verification.
- The Verified Claims will be collected and forwarded to the Web Site.
- The Web Site will evaluate the Verified Claims and determine whether to authorize access to the resource.
- Optionally the Web Site will request additional claims to meet the needs to authorize access.
- In computer networking a variety of statements can be made by a user to acquire authorized access to a resource.
- The distinction as to Authentication, who a user is, versus Authorization, or what that user is permitted to do, is no longer helpful.
- NIST has recognized that there are multiple metrics for the Assurance of statements about a user in their third update to SP 800-63-B