That does not mean that the entity
cannot also own omnidirectional identities. Instead, it means
that for purposes of modeling the behavior of an entity in the
subject role in an identity transaction, we will consider only the
unidirectional aspect. Translating the example in the section
???Directed Identity??? into Identity Metasystem terms would result
in something like this: If the RP is the actor who consumes identities,
the subject is the entity whom the consumed identity is
about. If the wine seller plays the role of the RP, the buyer is the
subject; it is the buyer??™s identity, in the sense of the claim de?¬?ning
his age, that the wine seller will want to verify (???consume???).
Identity Providers
The concept of IP is extremely natural. It models a role that is
practically omnipresent in real-life situations in which people
handle identities. Unfortunately, in traditional online authentication
schemes, the IP is implicit or is an emergent property of the
system, making it dif?¬?cult to weave into the system the requirements
associated with the role.
An identity provider, abbreviated IP, is an entity that issues digital
identities. An IP is the entity that asserts the claims constituting
a digital identity, typically in virtue of the relationship that
associates it to the subject owning that identity.
Pages:
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211