...
Context
Perhaps a subset of Semantics and Terminology, the question of context is significant in its own right. From an electronic identity perspective, what information is expressed about an individual will almost certainly vary according to the context in which it is requested or presented. An identity is expressed differently with different attributes under different contexts. Different contexts may include:
- individual as citizen
- individual as social group member
- individual as employee
- individual as researcher, student, or faculty
How should attributes be categorized or expressed in different contexts? Is this a question that can be rolled in to the questions around Attribute Semantics? Governance? Schema? It overlaps all of the above.
Efforts in this space
- none known
Common language - Schema
Efforts in this space:
...
Efforts in this space:
- SAML
- OAuth
Metadata
Attribute metadata is another aspect of attribute management regarding the exchange of attributes. What is needed is agreement on what the semantics are for metadata. SAML has some metadata for attributes, but much more will be needed as the growth of interoperability of attributes continues. We will need registries for attribute sets/categorization (i.e. IANA), agreement about the semantics, and mappings between sets of attributes having differing semantics
Efforts in this space:
- ???
Trust frameworks
- Attribute Assurance Profiles - ???'' .. e.g. different LoA for attributes based if they are self reported or proofed at a high level
Context
From an electronic identity perspective, what information is expressed about an individual will almost certainly vary according to the context in which it is requested or presented. An identity is expressed differently with different attributes under different contexts. Different contexts may include:
- individual as citizen
- individual as social group member
- individual as employee
- individual as researcher, student, or faculty
...
Consent
The legal definition and implementation around consent is reaching a stable point in the EU. That said, there is still some concern that implementing consent in the federation space is still problematic. Consent needs to be 'designed in' either as in band or as a service but implemented in a standardized way so you get consistent UX.
Efforts in this space
...
:
Governance
A driver for the exploration of attribute management is the growing economy behind the mining and exchange of attribute information. We see here the overlap of financial reward and privacy regulation; overlaps such as this generally see the creation of some kind of governance model. That governance may be formal regulation, it may be accepted industry standards groups, or some other model.
...