Combinación
del ID de usuario o ID de la cuenta más el (los) factor(es) utilizado(s) para
autenticar a un individuo, dispositivo o proceso.
http://es.pcisecuritystandards.org
Conjunto de
datos transferidos entre entidades para comprobar la identidad alegada por una
de ellas (ISO-7498-2). [Ribagorda:1997]
Datos que se
transfieren para establecer la identidad alegada de una entidad. [ISO-7498-2:1989]
Combination of the user ID
or account ID plus the authentication factor(s) used to authenticate an
individual, device, or process.
https://www.pcisecuritystandards.org/security_standards/glossary.php
An object or data structure
that authoritatively binds an identity (and optionally, additional attributes)
to a token possessed and controlled by a Subscriber.
While common usage often
assumes that the credential is maintained by the Subscriber, this document also
uses the term to refer to electronic records maintained by the CSP which
establish a binding between the Subscriber’s token and identity.
[NIST-SP800-63:2013]
A trusted entity that issues
or registers Subscriber tokens and issues electronic credentials to
Subscribers. The CSP may encompass Registration Authorities (RAs) and Verifiers
that it operates. A CSP may be an independent third party, or may issue
credentials for its own use. [NIST-SP800-63:2013]
Evidence or testimonials
that support a claim of identity or assertion of an attribute and usually are
intended to be used more than once. [CNSSI_4009:2010]
1. (I) /authentication/
"identifier credential": A data object that is a portable
representation of the association between an identifier and a unit of
authentication information, and that can be presented for use in verifying an
identity claimed by an entity that attempts to access a system. Example: X.509
public-key certificate. (See: anonymous credential.)
2. (I) /access control/
"authorization credential": A data object that is a portable
representation of the association between an identifier and one or more access
authorizations, and that can be presented for use in verifying those
authorizations for an entity that attempts such access. Example: X.509
attribute certificate. (See: capability token, ticket.)
3. (D) /OSIRM/ "Data
that is transferred to establish the claimed identity of an entity."
[ISO-7498-2]
[RFC4949:2007]
Data that is transferred to
establish the claimed identity of an entity. [ISO-7498-2:1989]
Combinaison de l’ID
utilisateur ou de l’ID compte et du ou des facteurs d’authentification utilisés
pour authentifier une personne, un dispositif ou un processus,
http://fr.pcisecuritystandards.org/
Données transférées
pour établir l'identité déclarée d'une entité. [ISO-7498-2:1989]