Week 1 Module 3 Flashcards
Digital Identity Model
A _______ is a unique representation of a subject engaged in an online transaction.
A subject may have multiples for different contexts/domains (IE: Email and online banking)
Digital Identity
The \_\_\_\_\_ involves processes and entities involved in creating digital identities and using them for authentication of subjects for online transactions. A. Online Access Model B. Online Identity Model C. Digital Identity Model D. Digital Access Model
C. Digital Identity Model
What are the 4 processes that make up the Digital Identity Model?
Enrollment/identity proofing
Credential Issuance
Authentication
Lifecycle Management Process
When a subject (applicant) seeks a digital identity for a service is is applying to an entity called the _________.
A, Digital Service Provider
B. Credential Service Provider
C. Identity Service Provider
D. None of the above
B. Credential Service Provider
_______ establishes that a subject is actually who they claim to be.
Identity Proofing
To help reduce errors in identity proofing there are 3 _________ associated with this process.
A. Identity Assurance Levels
B. Identity Proofing Levels
C. Digital Identity Levels
A. Identity Assurance Levels
How many levels are there in the Identity Assurance Levels?
3
Which Identity Assurance Level (IAL) requires NO evidence?
IAL1
In the Digital Identity Model, what is the process that follows the Enrollment/Identity Proofing Process?
Credential Issuance Process
In the Credential Issuance Process, the CSP creates an ______ and binds them to one or more ________ to create a Credential.
identifier
authenticators
An applicant becomes a \_\_\_\_\_ when issued credentials. A. User B. Subject C. Subscriber D. Enrollee
C. Subscriber
Enrollment, identity proofing and credential issuance may be delegated by the CSP to the _______.
Registration Authority (RA) or Identity Manager (IM)
A ______ occurs and starts the _____ process.
authentication event
authentication
A ______ is a subscriber wanting to get their identity verified to access a digital service.
A. User
B. Claimant
C. Requester
D. None of the above
B. Claimant
The ______ is the entity that checks to make sure the identity is correct.
Verifier
A ___________ is the sequence of messages that enable a claimant to show possession and control of 1 or more authentictors to a verifier.
authentication protocol
The authentication process’ strength is measured by what metric?
Authentication Assurance Level (AAL)
Based on authentication, the verifier (or CSP) generates an assertion and send it to the ______, who either provides the digital service or its agent.
Relying Party (RP)
T/F: If authentication is good, a session between the subscriber and relying party is established to provide the service requested.
True
In a ______ architect, the RP outsources all identity proofing attribute collection and attribute storage to a CSP.
federated identity architecture
The ______ is the protocol for conveying the assertion from the verifier (or CSP) to the Relying Party (RP)
A. verification protocol
B. assertion protocol
C. assurance protocol
B. assertion protocol
The strength of the assertion protocol is expressed as ______, for which there are 3 levels.
Federation Assurance Level (FAL)
The activities the CSP performs to maintain the credential, its status, and the enrollment data collected for the Credential is called what?
A. Lifecycle Management Process
B. Credential Management Process
C. Credential Lifecycle Process
D. None of the above
A. Lifecycle Management Process
