|“||objects that are verified when presented to the verifier in an authentication transaction. Credentials may be associated with the individual to whom they were issued, or they may be bearer credentials. The former are necessary for identification, while the latter may be acceptable for some forms of authorization.||”|
A credential is
|“||[a]n information object created by a credential provider that provides evidence of the subject’s authority, roles, rights, privileges, and other attributes. The credential is normally bound to an acceptable identity medium.||”|
|“||[i]nformation passed from one entity to another to establish the sender's access rights or to establish the claimed identity of a security subjective relative to a given security domain.||”|
- ↑ Who Goes There?: Authentication Through the Lens of Privacy, App. C, at 210.
- ↑ The White House, (Draft) National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy 32 (June 25, 2010) (full-text).
- ↑ Cybersecurity A Primer for State Utility Regulators, App. B.