...
Baseline use case (matches constellation C01)
Subject | Entity whose identity can be authenticated | Synonymous with Principal in X.1252, ISO 29115; Caveat: The definition includes all trust service providers, but use cases imply that only users (service consumers) are meant |
Relying Party | Entity that relies on identity-related claims by a asserting entity | In general use except in STORK |
Identity Provider | Provider who manages identity information for Principals and provides identity-based services | Not a Kantara term; defined in X.1252 and STORK |
Delegated Identity Management (constellation C10)
Attribute Provider | SP that manages and asserts attributes for Principals |
|
CSP (Credential Service Provider | Provider supporting the verification of identities, the issuance of identity related tokens, and their subsequent management |
|
RA (Registration Authority) | An entity validating the identity and claims of applicants but does not issue or manage credentials |
|
Note: need to consolidate C10 with this model: CSP vs. IDP, RA vs. RO