Claims – “lingua franca” of Digital Identity
Claims describe entities
Principals – requestors of access, e.g. humans, devices, applications
Composite principal = human + device + application
Resources – targets of access requests, e.g. services, data
Actions – operations on resources, e.g. read, approve
Context – runtime property of the access session, e.g. day-of-the-week
Claims – “in doubt” properties of an entity
Facts – trusted claims within the policy-constrained scope
Identity – context-specific set of Principal claims
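
The distinctions above (claims vs. facts, composite principal, context-specific identity) as an added example that is not part of the original slide. It assumes each claim records its issuer and that a policy scope lists which issuer it trusts for which claim; the scopes, issuers, claim names and the payroll rule are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claim:
    entity: str   # human, device, application, resource, action or context
    name: str
    value: object
    issuer: str   # assumption: each claim records who asserted it

# Assumption: a policy scope names the issuers it trusts per claim name.
# Scopes, issuers and claim names are constructed for illustration.
TRUST = {
    "payroll": {("hr-idp", "role"), ("mdm", "managed"), ("app-registry", "app_id"),
                ("catalog", "service"), ("gateway", "operation"), ("gateway", "weekday")},
    "wiki": {("hr-idp", "role"), ("self", "nickname")},
}
PRINCIPAL_PARTS = {"human", "device", "application"}

def facts(claims, scope):
    """A claim stays 'in doubt' unless the scope's policy trusts its issuer."""
    trusted = TRUST.get(scope, set())
    return {(c.entity, c.name): c.value for c in claims
            if (c.issuer, c.name) in trusted}

def identity(claims, scope):
    """Context-specific set of principal claims that are facts in this scope."""
    return {k: v for k, v in facts(claims, scope).items()
            if k[0] in PRINCIPAL_PARTS}

def may_approve_payroll(claims):
    """Hypothetical rule: a manager on a managed device approves on weekdays."""
    f = facts(claims, "payroll")
    return (f.get(("human", "role")) == "manager"
            and f.get(("device", "managed")) is True
            and f.get(("action", "operation")) == "approve"
            and f.get(("context", "weekday")) in {"Mon", "Tue", "Wed", "Thu", "Fri"})

# Constructed sample request from a composite principal (human + device + application).
REQUEST = [
    Claim("human", "role", "manager", "hr-idp"),
    Claim("human", "nickname", "sam", "self"),
    Claim("device", "managed", True, "mdm"),
    Claim("application", "app_id", "payroll-ui", "app-registry"),
    Claim("resource", "service", "payroll-api", "catalog"),
    Claim("action", "operation", "approve", "gateway"),
    Claim("context", "weekday", "Tue", "gateway"),
]
# Same request, but the device vouches for itself: that claim never becomes a fact.
SPOOFED = [Claim("device", "managed", True, "self") if c.entity == "device" else c
           for c in REQUEST]
```

The same principal resolves to a different identity in the "payroll" and "wiki" scopes, and the self-asserted device claim in SPOOFED is ignored by the payroll decision.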