Taxonomy / BoK Link Collection
Taxonomy/ BoK Link Collection
an (unsorted) list of wiki/ glossaries/ standards dealing with Identity Stuff
Short Name | short description / abstract | Release | tagging | Public | link | |
---|---|---|---|---|---|---|
Universal Declaration of human rights | The Universal Declaration of Human Rights (UDHR) is a milestone document in the history of human rights. Drafted by representatives with different legal and cultural backgrounds from all regions of the world, the Declaration was proclaimed by the United Nations General Assembly in Paris on 10 December 1948 as a common standard of achievements for all peoples and all nations. It sets out, for the first time, fundamental human rights to be universally protected and it has been translated into over 500 languages. | 19481210 | Declaration | X | http://www.un.org/en/universal-declaration-human-rights/ | |
A typology of Privacy | Despite the difficulty of capturing the nature and boundaries of privacy, it is important to conceptualize it. Some scholars develop unitary theories of privacy in the form of a unified conceptual core; others offer classifications of privacy that make meaningful distinctions between different types of privacy. ... Because of the comprehensive and large-scale comparative nature of the analysis, this paper offers a fundamental contribution to the theoretical literature on privacy. | 20160324 | AcademicPaper | X | https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID2951649_code63732.pdf?abstractid=2754043&mirid=1&type=2 | |
Internet Security Glossary, Version 2 | This Glossary provides definitions, abbreviations, and explanations of terminology for information system security. The 334 pages of entries offer recommendations to improve the comprehensibility of written material that is generated in the Internet Standards Process. The recommendations follow the principles that such writing should (a) use the same term or definition whenever the same concept is mentioned; (b) use terms in their plainest, dictionary sense; (c) use terms that are already well-established in open publications; and (d) avoid terms that either favor a particular vendor or favor a particular technology or mechanism over other, competing techniques that already exist or could be developed. | 20070801 | RFC | X | https://tools.ietf.org/html/rfc4949 | |
WebOfTrust Identity Crisis: Clearer Identity through Correlation
| The term “identity” is a challenge. Both laypeople and experts struggle to communicate clearly about it. The term has numerous rich and useful meanings. That same flexibility and expressivity also makes it easy to misunderstand subtle nuances and often leads to ideological debate rather than understanding and applications. We compensate with adjectives, creating new phrases like “digital identity” or “legal identity”, but we often still speak past each other. We regularly refer to “identities” as things that are assigned to us or that we own, things we control or present, instead of using more rigorous terms such as “identifiers” or “credentials”. This fluidity often confuses because, at its core, identity is an emergent phenomenon that doesn’t have an existence independent of the observer.
| 20160823 | Whitepaper | X | https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/final-documents/identity-crisis.pdf | |
WebOfTrust Physician patient relationship | Address whether there is a place in health IT and/or healthcare related research for the technology [1]; Together, physicians and patients steer treatment and are responsible for the vast majority of decisions, and therefore expenditures, in healthcare. Yet the technology that mediates the physician- patient relationship today is not directly purchased or controlled by either the physicians or the patients. Electronic health records and health information exchange technology are sold as strategic assets to institutions — typically very large businesses, that currently have incentives to maximize institutional growth. We seek a better balance of institutional needs with the needs of physicians and patients. | 20160823 | Whitepaper | X | https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/final-documents/physician-patient-relationship.pdf | |
WebOfTrust protecting digital identities in developing countries | People in many parts of the developing world have little or no infrastructure for well-regulated government and commercial processes. This creates a pressing need for a safe place to store important personal data needed to access financial, insurance, education and healthcare services. A universal digital identity system would underpin information assurance through verifiable and reliable data that can be presented when required. This paper presents a strong use case for a self-sovereign identity system with verifiable information and user-controllable release. | 20160823 | Whitepaper | X | https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/final-documents/protecting-digital-identities-in-developing-countries.pdf | |
WebOfTrust requirements for dids | Respect Network is conducting a research project for the U.S. Department of Homeland Security, HSHQDC-16-C-00061, to analyze the applicability of blockchain technologies to a decentralized identifier system. Our thesis is that blockchains, or more generically distributed ledgers, are a potentially powerful new tool for “identity roots” — the starting points for an Internet identity. However “blockchain identity” may not fully address the core security and privacy principles needed in a complete identity system. In this case DIDs — Decentralized Identifiers rooted on a distributed ledger — may end up being a foundational building block for higher level identity management solutions.
| 20160823 | Whitepaper | X | https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/final-documents/requirements-for-dids.pdf | |
WebOfTrust smarter signatures | Technologies like the Web of Trust and PKI lay the foundation for identity on the internet: they map a human persona to a cryptographic construct that is represented by a public key and protected by a private key. Digital signatures are fundamental to these digital identities and have been widely used in a variety of applications. They’re the heart of SSH, the foundation of certificates, and the core of newer technologies like blockchain. However, today’s simplistic signatures are just the start; they can be improved, to create more powerful and more complex signatures that can truly be better and smarter. Now is the time to begin experimenting with these possibilities.
| 20160823 | Whitepaper | X | https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/final-documents/smarter-signatures.pdf | |
IDCommons | The Identity Landscape is a community project to create a shared living "map" of the Internet identity space -- the projects, technologies, and standards that are coming together to create an interoperable identity layer for the Internet. | 20120913 | Collection | X | http://wiki.idcommons.net/Identity_Landscape | |
Hitachi ID | This vendor has a nice glossary about terms and concepts within IAM Landscape | Vendor Glossary | X | https://hitachi-id.com/resource/iam-concepts/ | ||
IDM Solutions Review | another glossary on IDM terms: 'Having a hard time keeping up with Identity Management jargon? We’ve got you covered. Solutions Review’s A to Z Identity Management glossary has definitions for over 50 of the most popular Identity Management terms and acronyms.' | Commercial | X | https://solutionsreview.com/identity-management/identity-management-glossary/ | ||
Field Guide to Identity | The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 1 Intro + What is Identity by Kaliya Hamlin | 20141211 | Blog | x | https://identitywoman.net/the-field-guide-to-identity-identifiers-attributes-names-and-more/ | |
old Greeks | The old Greeks view on Identity, Entity, Ontology and other stuff | Wikipedia | X | |||
ISO/IEC 24760:1 | To address the need to efficiently and effectively implement systems that make identity-based decisions, ISO/IEC 24760 specifies a framework for the issuance, administration, and use of data that serves to characterize individuals, organizations or information technology components which operate on behalf of individuals or organizations. | 2011 | standard | X | https://www.iso.org/obp/ui/#iso:std:iso-iec:24760:-1:ed-1:v1:en | |
IDESG | List of documents used for the IDESG Taxonomies (basically the same idea on what we do here). Many sublinkages | Non-profit org | X | https://wiki.idesg.org/wiki/index.php?title=Taxonomy | ||
CMM | The capability maturity model | Wikipedia | X | https://en.wikipedia.org/wiki/Capability_Maturity_Model | ||
EU-GDPR | EU General data protection regulation | legal | X | http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0089.01.ENG&toc=OJ:L:2016:119:TOC | ||
ISO/IEC 29115:2011 | This Recommendation | International Standard provides a framework for entity authentication assurance. Assurance within this Recommendation | International Standard refers to the confidence placed in all of the processes, management activities, and technologies used to establish and manage the identity of an entity for use in authentication transactions. | standard | X | https://www.oasis-open.org/committees/download.php/44751/285-17Attach1.pdf | ||
NIST- Digital Identity Guidelines SP 800-63-3 | These guidelines provide technical requirements for Federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover identity proofing and authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols and related assertions. This publication supersedes NIST SP 800-63-1 and SP 800-63-2. | 20170331 | guidelines | X | https://pages.nist.gov/800-63-3/sp800-63-3.html | |
NIST- Digital Identity Guidelines Enrollment and Identity Proofing SP 800-63-3A | This document provides requirements for enrollment and identity proofing of subscribers that wish to gain access to resources at each Identity Assurance Level (IAL). The requirements detail the acceptability, validation, and verification of identity evidence that will be presented by an individual to support their claim of identity. This document also details the responsibilities of Credential Service Providers (CSPs) with respect to establishing and maintaining enrollment records and binding authenticators (either CSP-issued or subscriber-provided) to the enrollment record. | 20170331 | guidelines | X | https://pages.nist.gov/800-63-3/sp800-63a.html | |
NIST- Digital Identity Guidelines Authentication and Lifecycle Management SP 800-63-3B | This document and its companion documents, [Special Publication (SP) 800-63-3], [SP 800-63A], and [SP 800-63C], provide technical guidelines to agencies for the implementation of digital authentication. | 20170331 | guidelines | X | https://pages.nist.gov/800-63-3/sp800-63b.html | |
NIST- Digital Identity Guidelines Federations and Assertions SP 800-63-3C | This recommendation and its companion documents, [SP 800-63-3], [SP 800-63A], and [SP 800-63B], provide technical guidelines to credential service providers (CSPs) for the implementation of remote authentication. This document, SP 800-63C, provides requirements to CSPs and relying parties (RPs) of federated identity systems. Federation allows a given CSP to provide authentication and (optionally) subscriber attributes to a number of separately administered RPs. Similarly, RPs may use more than one CSP. | 20170331 | guidelines | X | https://pages.nist.gov/800-63-3/sp800-63c.html | |
Vectors of Trust | This document defines a mechanism for describing and signaling several aspects that are used to calculate trust placed in a digital identity transaction. | 20170403 | Internet-Draft | X | https://tools.ietf.org/html/draft-richer-vectors-of-trust-05 | |
Terms and concepts relevant to identity management and trust services | This note contains the definition of a number of terms relevant for identity management and trust services. The terms are presented with a view to enabling discussions based on a common understanding of fundamental notions; they are not presented in order to suggest a discussion on legally binding definitions of those notions. Similarly, the terms are not intended to provide an indication on the scope of the future work of UNCITRAL in the field of identity management and trust services. | 20170210 | WorkingGroup Notes | X | https://documents-dds-ny.un.org/doc/UNDOC/LTD/V17/008/31/PDF/V1700831.pdf?OpenElement | |
Proposals from 55th session on Legal issues related to identity management and trust services | 20170428 | WorkingGroup Proposals | x | 55 th session, 24-28 April 2017, New York A/CN.9/WG.IV/WP.140 - Annotated provisional agenda A/CN.9/WG.IV/WP.140/Add.1 - Annotated provisional agenda A/CN.9/WG.IV/WP.142 - Contractual aspects of cloud computing A/CN.9/WG.IV/WP.146 - Legal issues related to identity management and trust services - Proposal by the United Kingdom of Great Britain and Northern Ireland |
old, subject to be removed (still in history)
Wikis, Glossaries and and other collections
Name | Link | Comment |
---|---|---|
IDCommons | http://wiki.idcommons.net/Identity_Landscape | |
IDM Concepts | https://hitachi-id.com/resource/concepts/ | |
http://solutionsreview.com/identity-management/identity-management-glossary/ | ||
http://iam.harvard.edu/glossary | ||
https://www.perfectcloud.io/resources/glossary/ | ||
IDESG | https://wiki.idesg.org/wiki/index.php?title=Taxonomy_Sources | |
Kaliya's Field Guide on Identities | https://identitywoman.net/the-field-guide-to-identity-identifiers-attributes-names-and-more/ | |
The old greeks view | more than 2500 year old stuff on identities and entities |
Related Standards
Name | Link | Comment |
---|---|---|
IDCommons, Standards Collection | http://wiki.idcommons.net/ID_Related_Standards | Not direct link to standards, but a list |
ISO 24760-1 | https://www.iso.org/obp/ui/#iso:std:iso-iec:24760:-1:ed-1:v1:en | (preview) |
ISO 24760-2 | ||
ISO 29100 | ||
Cobit | general (lower layers) | |
Project Management PMBok | general (lower layers) | |
CMM | https://en.wikipedia.org/wiki/Capability_Maturity_Model | general (lower layers) |
EU GDPR | http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0089.01.ENG&toc=OJ:L:2016:119:TOC | Section 3 deals with 'Definitions' |
ISO/IEC 29115:2011 | https://www.oasis-open.org/committees/download.php/44751/285-17Attach1.pdf |