Child pages
  • Identifier Glossary
Skip to end of metadata
Go to start of metadata

Portability must be included as part of a thoroughgoing review/rewrite of the section of eduPerson (200806) on "Identifier Concepts:"

http://middleware.internet2.edu/eduperson/docs/internet2-mace-dir-eduperson-200806.html#IdentifierConcepts

1) uniqueness

2) persistence
2a) reassignable

3) mutable
3a) resynchable

4) palatable

5) opacity

6) correlatable

7) privacy

8) portable

Many of these properties need to have more possible values than True or False.

The Trouble with Glossaries – RL "Bob" Morgan

[Few of the properties] are properties of the identifiers themselves, most are properties of the use of the identifiers in the context of many interacting systems.

Look at reassignment. It has to do with practices at the IdP, whether an identifier continues to apply to the same entity or can be used for a different one. The identifier stays the same, it's the mapping to the "real world entities" that might change. So the model needs to include those entities, the IdM system that maintains (or doesn't) the mapping, and the interest of the RP in the continuity of the mapping.

Identifiers in Context

Here's a trial run with further revisions (dependency is indicated by indentation)

From perspective of the University of Wisconsin-Madison as IdP

Properties of Identifier Usage

ePPN

UUID

PVI

ePTID

– Scope

wisc.edu

wisc.edu

wisc.edu

wisc.edu

  • Uniqueness

within scope

global

within scope

global

– Reversible

reversible

reversible

reversible

reversible

– Persistence

persistent

persistent

persistent

persistent

– Transparency

transparent

opaque

opaque

opaque

  • Palatibility

palatable

no

palatable

no

– Mutable

mutable on approved user request

mutable only in case of mistaken identity

mutable only in case of mistaken identity

mutable

  • Reassignable

potentially

no

potentially

no

  • Resynchable

resynchable

no

no

resynchable

– Correlatable

correlatable

correlatable

correlatable

only within specific application group

– Portable

no

potentially

no

no

NOTE: Name identifiers are a threat to privacy to the extent that they are transparent, reversable, resynchable,

correlatable and portable

  • No labels