Abstract
This paper looks at the concepts of entities, identities, identifiers and credentials, their definitions, and how they combine to authenticate an identity to an account, or function, within a service. Credentials can be divided into several different types on the basis of their use, origin and characteristics. In particular, types such as composite, dynamic and derived credentials will be considered, and their applicability within an identity management system. Each credential must be managed through its entire life cycle from initial registration, general use and suspension, to deletion. The notion of public (i.e. freely distributable) and private (i.e. known only to you) aspects of a credential is explored. The bindings, by trusted third parties, of identifiers and public credentials into permits and instruments of proof is explained along with the convenience, but greater exposure, of local information. Several scenarios are analysed in terms of how different types of credentials are employed during the authentication process.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Rejman-Greene M: ‘Biometrics — real identities for a virtual world’, BT Technol J, 19, No3, pp 115–121 (July 2001).
The UK banking industry's initiative to help on-line banking users stay safe on line — http: //www.banksafeonline.org.uk/index.html
Sasse M A et al: ‘Transforming the ‘weakest link’ — a human/computer interaction approach to usable and effective security’, BT Technol J, 19, No3, pp 122–131 (July 2001).
Kerberos, IETF Working Group — http://www.ietf.org/html.charters/krb-wg-charter.html
Single Sign-On Product SiteMinder — http://www3.ca.com/Solutions/Product.asp?ID=5262
Identity Fraud — http://www.cifas.org.uk/identity_fraud.asp
Kenyon P (BBC News): ‘Blunkett's ID ‘stolen’ by reporter’, — http: //news.bbc.co.uk/2/hi/programmes/kenyon_confronts/2625395.stm
Ignacio A: ‘The Spanish e-ID infrastructure: Interoperability issues and solution proposals’, (May 2005) — http://diggov.org/library/library/dgo2005/e_authentication/spain.pdf
European Communities 2005: ‘Spanish government makes progress towards introduction of e-ID’, (April 2005) — http://europa.eu.int/idabc/en/document/4216/194
About this article
Cite this article
Bosworth, K., Gonzalez Lee, M.G., Jaweed, S. et al. Entities, identities, identifiers and credentials — what does it all mean?. BT Technol J 23, 25–36 (2005). https://doi.org/10.1007/s10550-006-0004-2
Issue Date:
DOI: https://doi.org/10.1007/s10550-006-0004-2