Identity Related Terms

Identity and Access Management   Identity and access management (IAM) ensures that the right people access the right services.

Authentication (AuthN)   The act of ensuring that a person is who they say they are by means of a username and password.

Authorization   Proving that you are permitted to perform a certain action or set of actions. Being able to do this without revealing your identity is central to the problem of ensuring online privacy, and is one of the principal goals of Internet2's Shibboleth project.

Credentials  Account username and password.

Provisioning   A business process for creating and managing access to resources in an information technology (IT) system.  Automated provisioning is desirable.

Privilege  An identified right that a particular user has to a particular system resource, such as a file folder, access to a specific web application, or the use of certain system commands.

Level of Assurance  A level of assurance (LoA) refers to the degree of certainty that (1) a resource owner has that a person's physical self has been adequately verified before credentials are issued by a registration authority, and (2) a user indeed owns the credentials they are subsequently presenting to access the resource.

Shibboleth  An Internet2 Middleware initative project that has created an architecture and open-source implementation for federated identity-based authentication and authorization infrastructure based on Security Assertion Markup Language (SAML).

Federation  A collection of collaborating organizations that use a common framework for exchanging and handling identity attributes, supporting security processes and infrastructures, and providing overarching policy governing the interaction.

Groups