Credential
Credential
Alternative Forms
Attestation
Security Credential
Definitions
Definition 1 Computer Science
IAM
Information Security
Physical Security
Security
A data structure that is a collection of identity attributes and assertions that vouches for the identity of an entity through some method of trust and authentication.
Credential may be logical or physical. The authorizations granted on the basis of the credential may also be logical or physical.
Credential may be temporary or permanent.
Logical credential examples:
Password
PIN
Public Key Certificate
Physical credential examples:
Biometrics
Certificates
Driving License
ID Cart
Passport
SIM Card
Examples
In front of the login screen, Alice couldn’t remember her password. She sworn against this obsolete class of credential and daydreamed on how wonderful a passwordless world would be.
Illustrations
Related Terms
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1323368851
Certificate
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1323499650
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/82870977
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/461340725
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/67600948
Logical Credential
Password
Permanent Credential
Physical Credential
PIN
Public Key Certificate
Session
Temporary Credential
Ticket
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1311146179
Quotes
Credential: A document, object, or data structure that vouches for the identity of a person through some method of trust and authentication. Common types of identity credentials include—but are not limited to—ID cards, certificates, numbers, passwords, or SIM cards. A biometric identifier can also be used as a credential once it has been registered with the identity provider
A credential is typically a collection of identity attributes and assertions about a specific subject issued by an identity provider
The evidence provided by a user in the process of user authentication is called a credential. Different systems may require different types of credentials to ascertain user identity, and may even require more than one credential. In computer systems, the credential very often takes the form of a user password, which is a secret known only to the individual and the system. Credentials may take other forms, however, including PIN numbers, certificates, tickets, etc.
Bibliography
https://open-measure.atlassian.net/wiki/spaces/QUOT/pages/67568001
https://open-measure.atlassian.net/wiki/spaces/BIB/pages/67600608, p. 68.
https://open-measure.atlassian.net/wiki/spaces/BIB/pages/409010401, p. vii
See Also
-
-
AWS, 2021 (Bibliography)
-
Bradley, 2019 (Bibliography)
-
Credential (Dictionary)
-
Credential Harvesting (Dictionary)
-
Credential Service Provider (Dictionary Entry) (Dictionary)
-
Credential Stuffing (Dictionary)
-
Credential Theft (Dictionary Entry) (Dictionary)
-
-
OM-BP-0025: Reset all credentials and secrets following a breach (Best Practices)
-
Thycotic, 2019 (Bibliography)
-
Wang and De Filippi, 2020 (Bibliography)
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.