An Assertion (or Identity Assertion) is a collection of from a Service Provider’s current user's that is sent from an Identity Provider to the Service Provider for the purpose of making access decisions and/or personalizing the user’s experience with the service.
Assurance is something that inspires trust. In the context of identity and access management, assurance typically refers to a collection of one or more criteria addressing legal, policy, operation, technology, organizational, and other issues affecting the administration and use of identity information.
Authentication is a process for associating a person with an in a verified manner. Verification is performed on the basis of a : something you know (e.g., a password), something you have (e.g., a hardware token), something you are (e.g., a fingerprint scan), or a combination of these factors.
Authorization is the act of granting access to a service or resource for an person, based on information contained in that person's , such as the person's organizational affilation, role, or explicit entitlements.
A community member is person who is represented by a federation organization that operates an IdP. For university Participants, Community Members may include students, staff, faculty, and other persons who have some affiliation with the university or its programs.
A credential is something a person uses to verify who they are during . Examples are something you know (e.g., a password), something you have (e.g., a hardware token), something you are (e.g., a fingerprint scan).
The Community Trust and Assurance Board (CTAB) represents the InCommon community in InCommon Federation’s trust and assurance related programs and initiatives. It is advisory to the InCommon Steering Committee. The CTAB wiki includes the charter, meeting minutes, and additional information.
A digital certificate is an electronic document that can be used to verify the authenticity of information (e.g., within a Trust Registry) that has been signed using public key cryptography. Digital Certificates have other uses, such as data encryption, that (while used extensively) are less specifically related to identity and access management.
eduGAIN (EDUcation Global Authentication INfrastructure) is an inter-federation service connecting participant identity federations around the world. eduGAIN simplifies access to content, services and resources for the global research and education community.
FIM4L (Federated Identity Management for Libraries) is a library-led working group that aims to further the usage of Federated Identity Management technologies by providing guidelines for libraries on how to deploy such technologies while in the same time preserve the privacy of the users.
FIM4R (Federated Identity Management for Research) is a collection of research communities and infrastructures with a shared interest in enabling Federated Identity Management for their research cyber infrastructures.
In contrast to its usual English meaning, identity in the context of the practice of identity management refers to the set of information that pertains to a person. This information includes identifiers, memberships, eligibility, roles, names, characteristics, etc. Some of this information may uniquely identify that person, even sensitive Personally Identifiable Information (PII), but much of this information is not.
An identity assertion is information about a ’s current user that is sent from an to the service provider for the purpose of making access decisions and/or personalizing the user’s experience with the service.
An identity provider (abbreviated IdP or IDP) is a system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network.
The InCommon Steering Committee provides high-level governance, including policies and general practices primarily for the InCommon Federation and related community activities. Meeting minutes are available on the wiki. You can find the InCommon bylaws, which govern the Steering Committee, and the InCommon LLC document, along with a number of other documents, on the Policies page.
A Multilateral Federation is one in which the participating institutions declare conformance with federation-wide standards to foster implicit bilateral trust between each and . These declarations are represented in the federation's Metadata (or Trust Registry).
An InCommon Participant (abbreviated Participant) is an organization that has signed an agreement with the InCommon Federation to cover the registration, verification and publication of information about its IdPs and SPs in the federation’s Trust Registry.
The InCommon Technical Advisory Committee (TAC) an advisory body to the InCommon Steering Committee. It advises InCommon Steering and InCommon operations on InCommon’s operational processes, practices, strategies, capabilities, and roadmap. The TAC meets biweekly throughout the year. Members serve three-year terms. The includes the committee's charter, meeting minutes, and additional information.