Difference between revisions of "Verifier"

From MgmtWiki
Jump to: navigation, search
(Problems)
(Problems)
Line 6: Line 6:
  
 
==Problems==
 
==Problems==
* The [[Verifier]] could be limited to just the role played by any [[Entity]] in assuring that the data received meets its own criteria for acceptance.
+
* The term [[Verifier]] could be limited to just the role played by any [[Entity]] in assuring that the data received meets its own criteria for acceptance.
 
* Some verticals, like finance and health, are highly regulated and typically require that their data controllers are certified for conformance with very restrictive regulations. Others have lighter regulation like the US Federal Trade commission.
 
* Some verticals, like finance and health, are highly regulated and typically require that their data controllers are certified for conformance with very restrictive regulations. Others have lighter regulation like the US Federal Trade commission.
 +
* In all cases the verifier will be given a set of policies that they apply to [[Claimant]]s seeking access. In a world where policies can change will little notice, it behooves the [[Verifier]] to create a [[Policy-Based Access Control]] applications that does not require reprogramming of the application to meet changing policies.
  
 
==References==
 
==References==
  
 
[[Category: Glossary]]
 
[[Category: Glossary]]

Revision as of 10:32, 23 February 2022

Full Title or Meme

In this wiki the common therm for a Verifier is a Relying Party. The distinction seems to be moot.

Context

New standards like to talk about the Verifier rather than the Relying Party for reasons known only to them.

Problems

  • The term Verifier could be limited to just the role played by any Entity in assuring that the data received meets its own criteria for acceptance.
  • Some verticals, like finance and health, are highly regulated and typically require that their data controllers are certified for conformance with very restrictive regulations. Others have lighter regulation like the US Federal Trade commission.
  • In all cases the verifier will be given a set of policies that they apply to Claimants seeking access. In a world where policies can change will little notice, it behooves the Verifier to create a Policy-Based Access Control applications that does not require reprogramming of the application to meet changing policies.

References