Definitions[]
An identity provider (IdP) (also called an identity service provider) is
“ | [an organization that is] [r]esponsible for the processes associated with enrolling a subject, and establishing and maintaining the digital identity associated with an individual or non-person entity (NPE). These processes include identity vetting and proofing, as well as revocation, suspension, and recovery of the digital identity. The IDP is responsible for issuing a credential, the information object or device used during a transaction to provide evidence of the subject's identity; it may also provide linkage to authority, roles, rights, privileges, and other attributes. | ” |
“ | [a] type of service provider that creates, maintains, and manages identity information for users/devices and provides user/device authentication.[1] | ” |
“ | any institution or organization that manages information about users and wants to provide access to resources . . . for these users.[2] | ” |
“ | [a]n entity (usually an organization) that is responsible for establishing, maintaining, securing, and vouching for the identities associated with individuals.[3] | ” |
References[]
- ↑ NSTAC Report to the President on Identity Management Strategy, at C-4.
- ↑ "Identity Federations" (full-text).
- ↑ Privacy Considerations for Internet Protocols, at 9.