CSP Process
The CSP establishes a mechanism to uniquely identify each subscriber and the associated tokens and credentials issued to that subscriber. The CSP registers or gives the subscriber a token to be used in an authentication protocol and issues credentials as needed to bind that token to the identity, or to bind the identity to some other useful verified attribute. The subscriber may be given electronic credentials to go with the token at the time of registration, or credentials may be generated later as needed. Subscribers have a duty to maintain control of their tokens and comply with the responsibilities to the CSP. The CSP maintains registration records for each subscriber to allow recovery of registration records.
In an e-authentication model, a claimant in an authentication protocol is a subscriber to some CSP. At some point, an applicant registers with an Registration authority(RA), which verifies the identity of the applicant, typically through the presentation of paper credentials and by records in databases. This process is called identity proofing. The RA, in turn, vouches for the identity of the applicant (and possibly other verified attributes) to a CSP. The applicant then becomes a subscriber of the CSP. The CSP establishes a mechanism to uniquely identify each subscriber and the associated tokens and credentials issued to that subscriber. There is always a relationship between the RA and CSP.
Read more about this topic: Credential Service Provider
Famous quotes containing the word process:
“Any balance we achieve between adult and parental identities, between children’s and our own needs, works only for a time—because, as one father says, “It’s a new ball game just about every week.” So we are always in the process of learning to be parents.”
—Joan Sheingold Ditzion, Dennie, and Palmer Wolf. Ourselves and Our Children, by Boston Women’s Health Book Collective, ch. 2 (1978)