eSSIF-Lab Glossary

Action

something that is actually done (a 'unit of work' that is executed) by a single actor (on behalf of a given party), as a single operation, in a specific context.

Actor

Entity that can act (do things/execute actions), e.g. people, machines, but not organizations.

an offer by a specific party to provide a (type of) credential, where the offer includes (a reference to) the syntax and semantics specifications of that credential, and also lists various other characteristics that enable other parties to decide whether or not a credential that the advertising party has issued under this offer, is valid to be processed in one or more of its information processes.

Agent

an actor that is executing an action on behalf of a party (called the principal of that actor).

Assertion

a declaration/statement, made by a specific party, that something is the case.

Assessment framework

the combination of a set of criteria that an auditor can assess by applying them to an entity (of a specific kind), and the procedures that this auditor will follow for doing so, for the purpose of establishing the extent in which that entity conforms to a stated set of requirements.

Attribute

Data, that represents a characteristic that a party (the owner of the attribute) has attributed to an entity (which is the subject of that attribute).

Authority (Centralized or Decentralized)

a party of which certain decisions, ideas, rules etc. are followed by other parties.

Capability (of a Party)

The (named) combination of (a) the means of a specific party to get something done, (b) the party's governance process that ensures that its (business) policies for getting that something done are being created and maintained, and (c) the party's management process that creates and maintains the (operational) policies, such that every employee that has a task in getting this something done can find and interpret a policy and use it as it executes actions in such tasks.

Capability (of an Actor)

The potential of an actor to execute a (named) coherent set of actions (a 'function', or 'task') on behalf of some party.

Colleague

two or more (digital or non-digital) agents that have the same principal (i.e. party on whose behalf they are executing an action).

Commitment Decision

the decision of that party whether or not to commit to that business transaction, i.e. (promise) to fulfill the obligations that the associated transaction agreement proposal would impose on that party once it were signed.

Communication Channel

a (digital or non-digital) means by which two actors can exchange messages with one another.

Communication Session

a time interval during which two actors have an established communication channel that does not exist outside of that time interval.

Community

a party, consisting of at least two different parties (the members of the community) that seek to collaborate with each other so that each of them can achieve its individual objectives more efficiently and/or effectively.

Compliance

the state of realization of a set of conformance criteria or normative framework of a party.

Compliance level

a measure for stating how well an entity conforms with a stated (set of) requirement(s).

Compliance management

the process that is run by (or on behalf of) a specific party for the purpose of managing its compliance objectives.

Compliance Objective

an objective, owned by a party, that aims to reach and maintain a state of affairs in which a specific set of entities that this party controls are in accordance with a specific set of requirements (e.g., laws, regulations, standards, etc.).

Concept

the ideas/thoughts behind a classification of entities (what makes entities in that class 'the same').

Concept-file

a file whose contents defines/specifies a concept.

Control

the combination of resources (e.g. people, tools, budgets, time) and processes that are tasked to realize a specific control objective of a particular party.

Control level

a measure for the efficiency and effectiveness in which a control produces the results specified by its control objective

Control Objective

an objective, owned by a party, that aims to contribute to the realization of another (set of) objective(s) of that party, by producing results that this party needs to realize these other objective(s).

Control Process

a process, owned and run by a party, to ensure that a specific subset of its control objectives are realized.

Controller

the role that an actor performs as it is executing actions on that entity for the purpose of ensuring that the entity will act/behave, or be used, in a particular way.

Controllership

the capability of an actor to execute actions on a specific entity for the purpose of ensuring that this entity will act/behave, or be used, in a particular way.

Corpus of Terminology

the documentation that describes the knowledge around a set of terms and concepts.

Credential

data, representing a set of assertions (claims, statements), authored and signed by, or on behalf of, a specific party.

Credential Catalogue

a functional component that has the to register and advertise the information about credential types that their respective governing parties have decided to disclose so as to enable other parties to decide whether or not it is beneficial for them to use credentials of such types.

Credential Type

the specification of the contents, properties, constraints etc. that credentials of this type must have/comply with.

Data

something (tangible) that can be used to communicate a meaning (which is intangible/information).

Decision

the conclusion that a party inferences from a set of data that it considers to be facts.

Definition

a text that helps parties to have the same understanding about the meaning of (and concepts behind) a term, ideally in such a way that these parties can determine whether or not they make the same distinction.

Delegate

the transferral of ownership of one or more obligations of a party (the delegator), including the associated accountability, to another party (the delegatee)), which implies that the delegatee can realize such obligations as it sees fit.

Dependent

an entity for the caring for and/or protecting/guarding/defending of which a guardianship arrangement has been established.

Dictionary

an alphabetically sorted list of terms with various meanings they may have in different contexts.

Documentation Interoperability

the property that a documentation system of making its content comprehensible for a variety of people that come from different backgrounds.

Ecosystem

a set of at least two (autonomous) parties (its 'members') whose individual work complements that of other members, and is of benefit to the set as a whole.

Employee

a (human or non-human (digital)) actor for whom/which it is realistic that it might execute actions on behalf of a party (called the employer of that actor).

Employer

a party on whose behalf a (human or non-human) actor (called an employee of that party) might execute actions.

Employment Contract

an agreement/contract between two parties, one of which controls a set of actors (the subjects of the contract), that states (or refers to) all (sets of) rights and duties under which these actors can and/or must work for the other party.

Entity

someone or something that is known to exist.

Expectation

an objective that is owned by a party for having a specific (set of) result(s) produced, where the actual production thereof is (going to be) outsourced to another party.

Framework (Conceptual)

A set of assumptions, concepts, values, and practices that constitutes a way of viewing reality.

Governance

the act or process of governing or overseeing the realization of (the results associated with) a set of objectives by the owner of these objectives, in order to ensure they will be fit for the purposes that this owner intends to use them for.

Governor

a role that a party (better: employee of a specific party) performs as it governs a (coherent) set of expectations of that party, within a particular focus.

Guardian

a party that has been assigned rights and duties in a Guardianship Arrangement for the purpose of caring for and/or protecting/guarding/defending the entity that is the dependent in that Guardianship Arrangement.

Guardianship Arrangement

Guardianship Arrangement (in a Jurisdiction): the specification of a set of rights and duties between legal entities of the jurisdiction that enforces these rights and duties, for the purpose of caring for and/or protecting/guarding/defending one or more of these entities.

Guardianship-type

a class of guardianship arrangements within the jurisdiction that governs and manages them.

Holder

a component that implements the capability to handle presentation requests from a peer agent, produce the requested data (a presentation) according to its principal's holder-policy, and send that in response to the request.

Holder Policy

a digital policy that enables an operational holder component to function in accordance with the objectives of its principal.

Human Being

a person of flesh and blood (homo sapiens), that we classify both as a party,an actor, and a jurisdiction.

Identifier

a character string that is being used for the identification of some entity (yet may refer to 0, 1, or more entities, depending on the context within which it is being used).

Identify

an act, by or on behalf of a party, that results in the selection of either

a single partial identity that the party owns, given some (observed or received) data, or
a single entity from a given set of entities that is the subject of a specified partial identity that the party owns.

Identity

the combined knowledge about that entity of all parties, i.e. the union of all partial identities of which that entity is the subject.

Information Process

A coherent set of [actions@] that are (to be) performed by a single [party@], in which data (that is controlled by this party is created, read, updated and/or deleted.

Issuer

a component that implements the capability to construct credentials from data objects, according to the content of its principal's issuer-Policy (specifically regarding the way in which the credential is to be digitally signed), and pass it to the wallet-component of its principal allowing it to be issued.

Isuer Policy

a digital policy that enables an operational issuer component to function in accordance with the objectives of its principal.

Jurisdiction

the composition of a legal system (legislation, enforcement thereof, and conflict resolution), a party that governs that legal system, a scope within which that legal system is operational, and one or more objectives for the purpose of which the legal system is operated. See also the Jurisdictions pattern.

Knowledge

The (intangible) sum of what is known by a specific party, as well as the familiarity, awareness or understanding of someone or something by that party.

Legal Entity

an entity that is known by, recognized to exist, and registered in that jurisdiction.

Legal Jurisdiction

a jurisdiction that is governed/operated by a governmental body.

Legal System

a system in which rules are defined, and mechanisms for their enforcement and conflict resolution are (implicitly or explicitly) specified.

Management

the act or process of managing or actually realizing of (the results associated with) a set of objectives by the owner of these objectives.

Mandate

a right or duty that one party (the mandator) has granted to another party or employee (the mandatee) for executing a specific (set of) actions in the name of, and under responsibility/accountability of, this (first) party.

Mental Model

A description, both casual and formal, of a set of concepts (ideas), relations between them, and constraints, that together form a coherent and consistent 'viewpoint', or 'way of thinking' about a certain topic.

Mission

an objective of a party that provides an answer to the question why that party exists - i.e. its 'raison d'être'.

Normative framework

a set of rules that are followed and/or criteria that remain fulfilled by (a specific kind of) entities whose behavior and/or properties are characterized as 'normal'.

Objective

Something toward which a party (its owner) directs effort (an aim, goal, or end of action).

Obligation

an objective that is owned by the party for producing a specific (set of) result(s) that are to be used (consumed) by that party and/or other parties.

Onboarding

A process that is run for a specific (set of) actor(s) on behalf of a specific party, that terminates successfully if and only if the party has (a) established the suitability of the actor for executing certain kinds of actions on its behalf, (b) ensured that their mutual rights and duties are properly specified and will be appropriately enforced, and (c) provided the circumstances/contexts within which the actor is enabled to do so.

Organization

a party that is capable of setting objectives and making sure these are realized by actors that it has onboarded and/or by (vetted) parties that are committed to contribute to these objectives.

Outsourcing

the state of affairs in which a party has an objective (better: an expectation) for the realization of a (set of) result(s), where the actual production of these results is expected to be done by a party other than itself.

Owned

an entity over which another entity (its owner) has the power (duty, right) to enjoy it, dispose of it and control it; that power is limited to (the scope of) that jurisdiction, and by its rules.

Owner

the role that a party performs when it is exercising its legal, rightful or natural title to control that entity.

Ownership

a relationship between two entities that exists within the scope of control of a jurisdiction, in which one of them (called the owner) has legal, rightful or natural rights and/or duties to enjoy, dispose of, and control the other (called the owned).

Partial identity

all knowledge that a specific party (= the owner of the partial identity) has about that entity (= the 'subject' of the partial identity).

Party

an entity that sets its objectives, maintains its knowledge, and uses that knowledge to pursue its objectives in an autonomous (sovereign) manner. Humans and organizations are the typical examples.

Pattern

Pattern-file

a file whose contents describes/documents a pattern.

Peer Actor

the actor with whom/which this other actor is communicating in that communication session.

Peer Party

a party that also participates in that business transaction.

Policy

a (set of) rules, working-instructions, preferences and other guidance for the execution of one or more kinds of actions, that agents of the party that governs the policy have access to and can interpret such that this results in these actions being executed as intended by that party.

Presentation

a (signed) digital message that a holder component may send to a verifier component that contains data derived from one or more verifiable credentials (that (a colleague component of) the holder component has received from issuer components of one or more parties), as a response to a specific presentation request of a Verifier component.

Presentation Request

a (signed) digital message that a verifier component sends to a holder component asking for specific data from one or more verifiable credentials that are issued by specific Parties.

Principal

the party for whom, or on behalf of whom, the actor is executing an action (this actor is then called an agent of that party).

Qualified Data

data that comes with assurances, at least regarding its provenance and integrity (immutability), that make this data valid to be used for specific purposes of individual parties.

Revocation component

a component that implements the capability to revoke credentials that are issued by its principal, according to its principal's revocation policy.

Revocation Policy

a digital policy that enables an operational revocation component to function in accordance with the objectives of its principal.

Revoke/Revocation

the act, by or on behalf of the party that has issued the credential, of no longer vouching for the correctness or any other qualification of (arbitrary parts of) that credential.

Risk

the effects that uncertainty (i.e. a lack of information, understanding or knowledge of events, their consequences or likelihoods) can have on the intended realization of an objective of a party.

Risk level

a measure for the deviation of the intended realization (results) of a specific objective that its owner uses to represent the priority with which the risk of that objective should be reckoned with.

Risk management

a process that is run by (or on behalf of) a specific party for the purpose of managing the risks that it owns (thereby realizing specific risk objectives).

Risk Objective

an objective, owned by a party, that aims to reach and maintain a state of affairs in which the risks associated with a specific set of its objectives become, and/or remain, acceptable.

Risk Owner

the party that is the owner of the objective to which a risk is associated.

Role

a defined set of characteristics that an entity has in some context, such as responsibilities it may have, actions (behaviors) it may execute, or pieces of knowledge that it is expected to have in that context, which are referenced to by a specific role name.

Role name

name (text) that refers to (and identifies) a role in a specific context.

Scope

the extent of the area or subject matter (which we use, e.g., to define patterns, concepts, terms and glossaries in, but it serves other purposes as well).

Scope of Control

the extent of the area or subject matter that a party controls.

Scope-file

a file whose contents defines/specifies a scope.

Self-Sovereign Identity (SSI)

Self-Sovereign Identity (SSI) is a term that has many different interpretations, and that we use to refer to concepts/ideas, architectures, processes and technologies that aim to support (autonomous) parties as they negotiate and execute electronic transactions with one another.

Self-Sovereignty

the characteristic of every party that it is autonomous in managing and operating its own knowledge, particularly in making decisions and deciding how to decide.

Semantics

a mapping between the (tangible/textual) terms and (intangible) ideas/concepts - their meaning.

SSI (Self-Sovereign Identity)

SSI (Self-Sovereign Identity) is a term that has many different interpretations, and that we use to refer to concepts/ideas, architectures, processes and technologies that aim to support (autonomous) parties as they negotiate and execute electronic transactions with one another.

SSI Agent

a digital agent that provides one or more of the ssi functionalities (issuer, holder, verifier, wallet) to its principal.

SSI Assurance Community (SSI-AC)

a community that supports its members as they seek to increase their confidence in the SSI infrastructure and/or (specific) qualifications of the data exchanged through that infrastructure.

SSI Infrastructure

the technological components that are (envisaged to be) all over the world for the purpose of providing, requesting and obtaining qualified data, for the purpose of negotiating and/or executing electronic transactions.

Subject

the (single) entity to which a given set of coherent data relates/pertains. Examples of such sets include attributes, Claims/Assertions, files/dossiers, (verifiable) credentials, (partial) identities, employment contracts, etc.

Tag

an alphanumeric string that is used to identify scopes (so called 'scopetags'), group terms (so called 'grouptags'), or identify a specific version of a terminology (so called 'versiontags') from within a specific scope.

Term

a word or phrase (i.e.: text) that is used in at least one scope/context to represent a specific concept.

Term (Scoped)

a term, the meaning of which is determined by the definition to which it refers in a specific scope/context.

Term-file

a file whose contents defines/specifies a term.

Terminology

the set of terms that are used within a single scope to refer to a single definition, enabling parties to reason and communicate ideas they have about one or more specific topics.

Terminology Process

a method for recognizing misunderstandings as such, and creating or maintaining definitions that resolve them.

Terms Community

a community that maintains a terminology for the purpose of avoiding misunderstandings between its members as they collaborate.

Transaction

the exchange of goods, services, funds, or data between some parties (called participants of the transaction).

Transaction Agreement

the set of rules that specify the rights (expectations) and duties (obligations) of participants towards one another in the context of a specific business transaction.

Transaction Form

the specification of the set of data that this party needs to (a) commit to a (proposed) business transaction of that kind, (b) fulfill its duties/obligations and (c) escalate if necessary.

Transaction Id

character string that this participant uses to identify, and refer to, that business transaction.

Transaction Proposal

a transaction agreement that is 'in-the-making' (ranging from an empty document to a document that would be a transaction agreement if it were signed by all participants).

Transaction Request

a message, send by a requesting party to a providing party, that initiates the negotiation of a new transaction agreement between these parties for the provisioning of a specific product or service.

Trust

the (un)conscious decision by a party to believe that X is in fact the case.

Trust level

the (subjective) degree of belief or confidence that a party has in X (someone, something, ...).

Validate

the act, by or on behalf of a party, of determining whether or not that data is valid to be used for some specific purpose(s) of that party.

Validator

a component that implements the capability to determine whether or not (verified) data is valid to be used for some specific purpose(s).

Validator Policy

a digital policy that enables an operational validator component to function in accordance with the objectives of its principal.

Verifier

a component that implements the capability to request peer agents to present (provide) data from credentials (of a specified kind, issued by specified parties), and to verify such responses (check structure, signatures, dates), according to its principal's verifier policy.