•Authentication
(identity information):
–"I
assert that this ___ user was authenticated by this ___ means at this ___ datetime."
•Attribute:
–"I assert
that this ___ user has this ___ attribute with this ___ value."
•Example: "I assert that John Doe's membership level is gold member."
•Authorization
Decision (entitlement information):
–"I
assert that this ___ user is [isn't] allowed to read [write, execute] this ___ resource."