Based on the Constellations and Use Cases document this model defines the key actors for trust federations several constellations.
Baseline use case (matches constellation C01)
Subject |
Entity whose identity can be authenticated |
Synonymous with Principal in X.1252, ISO 29115; Caveat: The definition includes all trust service providers, but use cases imply that only users (service consumers) are meant |
Relying Party |
Entity that relies on identity-related claims by a asserting entity |
In general use except in STORK |
Identity Provider |
Provider who manages identity information for Principals and provides identity-based services |
Not a Kantara term; defined in X.1252 and STORK |
Delegated Identity Management (constellation C10)
Attribute Provider |
SP that manages and asserts attributes for Principals |
|
CSP (Credential Service Provider |
Provider supporting the verification of identities, the issuance of identity related tokens, and their subsequent management |
|
RA (Registration Authority) |
An entity validating the identity and claims of applicants but does not issue or manage credentials |
|
Note: need to consolidate C10 with this model: CSP vs. IDP, RA vs. RO