Entity |
Someone or something with identity |
Identity |
Unique expression of an entity within an environment |
Identifier |
Cryptographic token tied to identity, application or service |
Attribute |
A static or dynamic aspect of an identity |
Persona |
The combination of identity and attributes in a specific situation/context |
Role |
Temporary credential or job function |
Authentication (AuthN) |
Process of confirming identity |
Multifactor authentication (MFA) |
Something you know, something you have, something you are |
Access control |
A technical implementation that restricts access to a resource |
Accounting |
Logging and monitoring activities |
Authorization (AuthZ) |
Provides access for an identity |
Entitlement |
Mapping between an identity and its authorization
Single Sign-On (SSO) |
Token system used to allow one sign-in across multiple systems |
Federated identity management |
Enables authenticating locally and authorizing remotely in the context of SSO
Authoritative source |
The source of an identity |
Identity provider |
The identity management party |
Relying party |
System that consumes identity assertions from the provider |