The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
Still loading...
(to certify)characteristics of an information system or, as in the context of the PKI for the government, a management system conducted by an independent third party. Certification is carried out as part of a process, in which the degree is established to which a management system adheres to an established collection of requirements (e.g. ETSI TS 101 456). PKIoverheid (and ETSI TS 101 456). Note: in some European guidelines, including the guideline on electronic signatures, this is indicated as accreditation.eHerkenningeHerkenningen
ABACAttribute Based Access ControlABACen
Access governanceAccess Governance is een aanpak waarbij op een geautomatiseerde wijze autorisaties van een heterogeen applicatielandschap worden geanalyseerd met als doel de risico's van ongeautoriseerde toegang te verminderen. Access Governance wordt ingezet als internecontrolemaatregel, maar kan ook onderdeel uitmaken van de interne of externe audit, waarbij de externe accountant steunt op de uitkomst van het Access Governance-proces en hiermee waarborgen krijgt omtrent de juistheid van de toegang tot de financiële systemen en onderliggende infrastructuur. Naast voornoemde aspecten wordt in dit artikel uitgelegd hoe Access Governance as a Service kan worden ingezet, wat inhoudt dat een organisatie de periodieke autorisatieanalyse uitbesteedt aan een externe partij. Dit model is ook toepasbaar in relatie tot de betrokkenheid van IT-audit bij de jaarrekeningcontrole. Daarnaast wordt de relatie tussen Access Governance en Identity & Access Management (IAM) gegeven.KPMGAGdu
Access GovernanceAccess Governance is the responsibility for structuring and maintaining processes that are needed in order to achieve and maintain the Access Governance Nirvana.
Processes that play a significant role in this responsibility are processes surrounding Enterprise Architecture, Identity Management, Access Control, Assessment, Logging and Monitoring and Reporting.

Account linkingen
Accreditation authorityAn accreditation authority assesses and validates identity providers, attribute providers, relying parties, and identity media, ensuring that they all adhere to an agreed-upon trust framework
Accreditation authorities can issue trustmarks to the participants that they validate.
Attribute providerAn attribute provider (AP) is responsible for the processes associated with establishing and maintaining identity attributes Attribute maintenance includes validating, updating, and revoking the attribute claim An attribute provider asserts trusted, validated attribute claims in response to attribute requests from relying parties In certain instances, a subject may self-assert attribute claims to relying parties Trusted, validated attributes inform relying parties’ decision to authorize subjects.NSTICAPen
AttributesAttributes are a named quality or characteristic inherent in or ascribed to someone or something (for example, “this individual’s age is at least 21 years”)NSTIC
Authentication (to authenticate)Verifying the (or a) claimed identity of a party and the set of his claimed attributes at a specific trust level. Analogous to KPMG6, Modinis7, "Opdrachtformulering Vraagstuk eRecognition bedrijven en instellingen" d.d. 10-1-2008, NTP Authorisation Policy (AP) v1.1. Definition is also analogous to PKIoverheid8 which states: "In the electronic signatures act the Dutch term ‘Authentificatie’ is used. The original English word is ‘Authentication’, translated in Dutch as ‘Authenticatie’. This document uses the latter."eHerkenningeHerkenningenauthenticatie
Authentication serviceAuthentication service: makes the issued tokens available in the eRecognition network in real time.eHerkenningeHerkenningenAuthenticatiedienst
Authentication serviceA required role within the network for eRecognition which is fulfilled by a participant in the scheme and which bears responsibility for authenticating a natural person based on the authentication token used by the natural person. With respect to the definition in Vraagstuk eRecognition bedrijven en instellingen, a distinction is made here between token issuer on one hand and authentication service on the other.eHerkenningeHerkenningen
Authentication tokenA set of attributes (for example a certificate) on the basis of which authentication of a party can occur. Analogous to KPMGeHerkenningeHerkenningen
Authorative Attribute SourceAn Authoritative Attribute Source (AAS) is the one source of attribute data that is authorized by the organization
and that overrides all other attribute sources.
AuthorisationA process under the responsibility of the service provider in which, on the basis of the proofs provided by eRecognition and possible checks of other relevant access rights which have been established by the service provider himself, it is determined whether a transacting natural person is granted access to a specific service or is authorised to perform a specific action. Note: authorisation is not a synonym of mandate Analogous to Modinis / "PKI overheid begrippenlijst (2005)"/"Van Dale Groot woordenboek van de Nederlandse taal 14", but made specific to the context of eRecognition. Also analogous to the Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0 (saml-glossary-2.0-os). PKI overheid uses a general definition which is not in conflict with the above.eHerkenningeHerkenningen
BSNBurger Service NummereHerkenningBSNeRecognitionduBurgerservicenummer
BSNBurgerservicenummer in Dutch: citizen service number, personal identification number issued by the Dutch government for natural persons. Based on Article 1 para b Wabb: the number assigned to a natural person.eHerkenningeHerkenningen
BusinessA business in the sense of the Companies Register Act of 2007. Scope: businesses in this sense from other EU countries fall within the definition in principle, however for version 1.1 the scope of the companies which can use eRecognition is restricted to those businesses which are required to be registered in the Dutch Chamber of Commerce Register. Companies Register Act of 2007eHerkenningeHerkenningen
CertificateA document attesting to the truth of certain stated facts.encertificaat
CertificateA signed document intended as legal proof. A certificate has the particular characteristic that it serves as legally binding proof in a legal procedure. An electronic form of this can be a document signed with an electronic signature in accordance with the law governing electronic signatures. In accordance with the civil code art. 1 56 paragraph 1.eHerkenningeHerkenningen
Certification (to certify)A broad (both technical and non-technical) evaluation of the securityeHerkenningeHerkenningen
Chained proofAn electronically established declaration from which the existence and correctness can be established of a chain of mandates showing that a specific transacting natural person represents a specific interested party for a specific transaction or service on the basis of checking the entire chain in mandate registers. Own definitioneHerkenningeHerkenningen
Chamber of Commerce RegisterThe Dutch basic registration of companies and legal entities which are required to register in the Netherlands. Also sometimes referred to in Dutch as NHR (‘Nieuw Handelsregister’). Companies Register Act 2007.eHerkenningeHerkenningen
CIAConfidentiality, integrity and availabilityCIAen
ClaimClaim: an assertion made by one subject about itself or another subject that a relying party considers to be “in doubt” until it passes “Claims Approval”
Cameron, Posch, Rannenberg
Collaborative ventureA legal unit without the properties of a legal entity, comprising two or more natural persons, legal entities or other collaborative ventures set up with the purpose of running a business in the sense of the 2007 Companies Registration Act. Scope: for version 1.1 the scope has been restricted to collaborative ventures which have an obligation to register with the Dutch Cahmber of Commerce Register. In later versions it will be closely delineated as to which collaborative ventures of other EU countries also fall within the scope. Definition in accordance with “Catalogus Basisregistraties”.eHerkenningeHerkenningen
College Bescherming PersoonsgegevenseHerkenningCBPeHerkenning
CompanyA natural person who runs a company (a one-man business) or a nonnatural person. A company is represented by a transacting natural person. Scope: for version 1.1 the scope is restricted to businesses and legal entities who are obliged to be registered with the Chamber of Commerce. Application of eRecognition for G2G is outside the scope of 1.1, meaning governmental organisations which fall within the definition of Company still fall outside the scope. Own definitioneHerkenningeHerkenningen
ContextCotext in which authentication takes placeencontekst
Continuous authenticationContinuous authenticationcontinue authenticatie
CredentialA credential is an attestation of qualification, competence, or authority issued to an individual by a third party with a relevant de jure or de facto authority or assumed competence to do so.
CredentialA general term for privilege attribute data that has been certified by a trusted privilege certification authority.
Credentialed subject
CredentialsIDPs issue credentials, the information objects used during a transaction to provide evidence of the subject’s identity The credential may also provide a link to the subject’s authority, roles, rights, privileges, and other attributes.
Data minimisationSetting up data processing so that as few identification details as possible need to be known by the fewest possible parties. Own definitioneHerkenningeHerkenningen
Declaration of intentAn expression of intent (or volition) is an electronic signature which links the established details to which the intent applies, to the electronic details on whose basis the transacting natural person who issues the declaration of intent can be authenticated at any later time. Own definitioneHerkenningeHerkenningen
DeelidentiteitWie je bent in welke context. Het geheel
van alle deelidentiteiten vormt het ‘zelf’.
A. Roosendaal p.21
Digital IdentityA digital identity is a set of attributes that represent a subject in an online transactionNSTIC
Digitale handtekening
Digitale identiteiteen relatief brede opvatting ....van digitale identiteit, namelijk in de zin van een digitale representatie van een individuA. Roosendaal p.13
digitale personaeEen digitale representatie van een geïdentificeerd of identificeerbaar individu is een digitale persona. De term ‘digitale persona werd in 1994 geïntroduceerd door Roger Clarke. Hij definieerde de digitale persona als een model van de publieke persoonlijkheidvan een individu, gebaseerd op gegevens en onderhouden door transacties, bedoeld om te dienen als proxy (representatie) van het individu. Je publieke persoonlijkheid is dus een (deel-)identiteit en bestaat uit gegevens die je hebt ontsloten o f doorgegeven, of die op een andere manier beschikbaar zijn geworden voor anderen.A. Roosendaal p.91
Enrolling agentThe identity provider may also verify the identity of and sign up (enroll) a subject. Alternatively, verification and enrollment may be performed by a separate enrolling agent.
EnrollmentInschrijven, opnemen in registerduInschrijven, registreren
eRecognitionAuthentication for bussiness to government in The NetherlandseHerkenningeneHerkenning
eRecognitioneRecognition is a standardised, electronic identification method for recognising companies when
they access digital services from (government) service providers, just as DigiD is now the
identification method for citizens.
eRecognitioneRecognition is taken to denote recognition: see under recognition. Own definition specific to the context of the schemeeHerkenningeHerkenningen
eRecognition brokerThrough the eRecognition broker, government organisations have access to all authentication services and mandate registries within the eRecognition network.eHerkenningeHerkenningenHerkeninningsmakelaar
eRecognition networkSynonym for Network (for eRecognition)eHerkenningeHerkenningen
FICAMFederal Identity, Credential, and Access Management
FIPPFair Information Practice Principles.NSTIC
Fysieke identiteit
ICAMICAM comprises the programs, processes, technologies, and personnel used to create trusted digital identity representations of individuals and NPEs, bind those identities to credentials that may serve as a proxy for the individual or NPE in access transactions, and leverage the credentials to provide authorized access to an agency‘s resources.FICAM
Identification (to indentify)Stating the attributes of an entity to indicate it uniquely within a specific context. In the context of eRecognition this is the identification of parties. Analogous to KPMG, NTP Authorisation Policy (AP) vl.l. Note: definition of PKIoverheid refers to "establishing" the identity. The definition used here is more precise and does not entail the risk that establishing is associated with authenticating.eHerkenningeHerkenningen
Identifying characteristicA series of characters with which something or someone (a party) is indicated uniquely in a specific context. If the characteristic consists only of digits, then it may also be called an identifying number. Own definitioneHerkenningeHerkenningen
Identifying numberAn identifying characteristic which only consists of digits. Own definitioneHerkenningeHerkenningen
IdentiteitAccording to the philosopher Paul Ricoeur, the notion of “identity” involves two
realities apparently opposed; the similar and the dissimilar:
- The identity selfhood (in Latin ipse), refers to the set of features that makes someone unique among others.
- The identity sameness (in Latin idem) refers to those features whose character will persist throughout time and that will keep somebody the same.

IdentiteitsvormingA. Roosendaal p.1
IdentityThe complete but dynamic set of all attributes associated with a specific entity which makes it possible to distinguish the relevant entity from others. Each entity only has one identity. The identity belongs to the entity. Analogous to KPMG and Modinis.eHerkenningeHerkenningen
identity and access governanceidentity and access governance (IAG)IAGen
Identity Ecosystem FrameworkThe Identity Ecosystem Framework is the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem.
Identity managementidentiteits beheer
Identity mediumThe credential can be stored on an identity medium: a device or object (physical or virtual) used for storing one or more credentials, claims, or attributes related to a subject Identity media are available in many formats, such as smart cards, security chips embedded in personal computers, cell phones, software based certificates, and Universal Serial Bus (USB) devices Selecting the appropriate identity medium and credential type is implementation-specific and depends on the risk tolerance of the participating entities.
Identity providerAn identity provider (IDP) is responsible for establishing, maintaining, and securing the digital identity associated with that subject These processes include revoking, suspending, and restor-
ing the subject’s digital identity if necessary.
Identity provider(SAML) A type of service provider which creates, maintains and manages identity details for parties and authenticates them for other service providers within the context of a federation.eHerkenningeHerkenningen
IMEIThe International Mobile Equipment Identifier (IMEI) [TS.3GPP.23.003] is a unique device serial number up to 15 digits
IMSIThe International Mobile Subscriber Identity (IMSI) [TS.3GPP.23.003] is an identifier associated with all GSM (Global System for Mobile Communications) and UMTS (Universal Mobile
Telecommunications System) mobile subscribers between 6 and 15 digits in length
IndividualAn individual is a person engaged in an online transaction Individuals are the first priority of the StrategyNSTIC
Interested partyCompany that acts as represented party without itself representing another party. The interested party is the first person in a chain of mandates. Own definitioneHerkenningeHerkenningen
least priviligeen
Legal entityA legal unit and subject of rights and bearer of obligations. Something is a legal entity on the basis of law or because it has arisen in accordance with legal requirements: a legal entity has a specified legal form. Scope: for version 1.1 the scope has been restricted to legal entities which have an obligation to register with the Dutch Chamber of Commece Register. In later versions it will be closely delineated as to which legal entities of other EU countries also fall within the scope. Definition in accordance with “Catalogus Basisregistraties”.eHerkenningeHerkenningen
Legal mandateadministrative lawmandatering
Legal representationA representation proceeding from the law without there being a grant of an authority or mandate by the represented party. Examples are: the manager(s) of a legal entity, the curator, the parents of a minor. Own definitioneHerkenningeHerkenningen
Level of AssuranceLoAenbetrouwbaarheidsniveau
Levels of ProtectionProtection at the side of the service provideren
Management organisationThe management organisation of the eRecognition scheme as described in the scheme. Own definitioneHerkenningeHerkenningen
ManagerA transacting natural person with the specific authority on behalf of a company to record, suspend, withdraw or otherwise carry out any associated registration processes for the mandating of other persons. Own definitioneHerkenningeHerkenningen
MandateThe registration of what a natural transacting person is allowed to do (mandated for) on behalf of the transacting company Own definitioneHerkenningeHerkenningenMachtiging
Mandate (to mandate)A revocable authority which a represented party grants to another party (the mandated party) to perform legal transactions on behalf of the first-named. A mandate may be general or specific. A specific mandate is restricted to specific legal transactions or a specific relevant scope with regard to legal transactions. Mandate may be regarded as a synonym for power of attorney, however the term mandate is used principally in an administrative law context. Own definition based on Modinis.eHerkenningeHerkenningen
Mandate confirmationAn electronically established declaration from which the existence and the correctness can be verified of a mandate as this has been checked in a mandate register for a specific transaction or service. Own definitioneHerkenningeHerkenningen
Mandate registerA required role within the network for eRecognition which is fulfilled by a participant in the scheme and which bears responsibility for registering, managing and checking mandates and verifying declarations about mandates (and/or at the request of the transacting natural person issuing mandate confirmations). Own definitioneHerkenningeHerkenningen
Mandate registryMandate registry: stores all authorisations given to employees to perform certain tasks on behalf of the business. All representatives must have valid authorisation.eHerkenningeHerkenningenMachtigingsregister
Mandated partyThe party which (on the basis of the law on mandates and/or power of attorney) is mandated to perform specific transactions on behalf of the represented party, for which the legal consequences will accrue to the represented party. When the mandated party is a natural person, there is no restriction on non-residents acting as mandated parties. Therefore a foreign natural person may also be a mandated party. Article 3:60 para 1 BW; Article 2:1 para 1 AWB.eHerkenningeHerkenningen
MDNThe Mobile Directory Number (MDN) is an E.164 number [E.164], with usage similar to MSISDN.
MINThe Mobile Identification Number (MIN) [TIA.EIA.IS-2000-6] is a 10-digit unique number assigned to CDMA handsetsMIN
Ministry of Economic Affairs, Agriculture and InnovationMinistry of Economic Affairs, Agriculture and InnovationeHerkenningEL&IeHerkenningdu
MS Member StateMS
MSISDNThe Mobile Station International Subscriber Dial Number (MSISDN) [E.213] is an E.164 number [E.164] between 6 and 15
digits long.
Natural personAn individual human person and subject of rights and bearer of obligations. Every natural person is a person in the sense of the definition of person given here. Own definition in accordance with ‘Catalogus Nieuw Handelsregister’.eHerkenningeHerkenningen
NCPNational Chipcard PlatformECPNCP
Network (for eRecognition)The collection of mutually connected components regulated by the scheme and which together deliver the eRecognition services and to this end have at least one participant in each of the roles of recognition broker, mandate register, authentication service and token issuer, possibly augmented with further roles for recognition services such as a signature service, their mutual connections, the connections up to and including the link with service providers and the processes for issuing tokens, registration of mandates and registrations of re-usable tokens from companies, including the required facilities for management in accordance with the scheme. Own definitioneHerkenningeHerkenningen
Network Access IdentifierA Network Access Identifier (NAI) [RFC4282] is an identifier used in network authentication in a range of networks. The identifier establishes a user identity within a particular domain.NAI
Non-natural entityEither a legal entity, or a collaborative venture of natural persons and/or non-natural persons. Not every non-natural entity is a person in the sense of the definitions given here for person: collaborative ventures for example are collections of persons but are themselves not a person in the legal sense. Own definition, in accordance with “Catalogi Basisregistraties” (www.stelselcatalogus.nl)eHerkenningeHerkenningen
Non-person entity (NPE)A non-person entity (NPE) may also require authentication in the Identity Ecosystem NPEs can be organizations, hardware, networks, software, or services and are treated much like individuals within the Identity Ecosystem NPEs may engage in or support a transaction.NPE
NSTICNational Strategy for Trusted Identities in Cyberspace.NSTIC
Brochure FSB
General nl-en
Pointer to other dictionaries