Claims – “lingua franca” Of Digital Identity
*Claims describe entities
*Principals – requestors of access, e.g. humans, devices, applications
*Composite principal = human + device + application
*Resources – targets of access request, e.g. services, data
*Actions – operations on resources, e.g. read, approve
*Context – runtime property of the access session, e.g., day-of-the-week
*Claims - “in doubt” properties of an entity
*Facts - trusted claims within the
policy-constrained scope
*Identity – context-specific set of Principal claims