IAM Terminology

Table of Terms

Campus Identity Reps, Campus Identity Representatives

Campus and other organization units may designate staff to perform certain ID Management functions, such as the provisioning of a UH Username and access to ITS Online Services to those designated by the campus as an affiliate.

Deprovision, Username Deprovisioning

The UH Username is archived (a username is never assigned to a different person) and all personal files and email are permanently and irrevocably deleted.  A person who returns will, by design, be reassigned the previously assigned UH Username if one existed, but will otherwise be starting fresh.

Disable, Username Disabling

Temporarily disables a UH Username and disables the Help Desk and Self Service password reset functions.  A UH Username is disabled for administrative or security reasons.  The UH IT Security Officer is notified and is generally the one responsible for working with the owner of the UH Username.

External Identities

External Identities are Identities that are not managed by the UH's Identity Management System (UHIMS).  See Social Identities and Federated Identities.

Federated Identities

A federation is a group of identity providers that agree upon a standard of operations, interactions, frameworks, goals, etc.  This federation can be point-to-point or via a formal federation framework (such as the InCommon Federation, of which UH is a member).  This is the type of Identity most familiar to academic institutions, and is often considered an External Identity.

Group, Grouper group

UHIMS Groups is a service for organizing people into groups. A group can be used, for example, to determine who is allowed which privileges in an application. A group can also be used to determine whether a person should be included in or excluded from a university announcement or discussion list that sends out email.

Grouping

The UH Grouping service provides a groups administration tool that allows the group administrator to use a Grouper group that is automatically updated (nightly or more frequently) according to the cohort requirements.  A Grouping includes three groups: an Automatic group, an Inclusion group, and an Exclusion group.  The Automatic group is automatically updated by UHIMS and can reference any predefined subpopulations.  The Inclusion group allows a Grouping administrator to manually append additional people to the UH Grouping.  The Exclusion group allows the Grouping administrator to specify who must not be included.  UH Groupings can be published to LISTSERV lists, for example.

Identifier

Identifiers are attributes that uniquely reference an Identity. Such Identifiers are by design permanently unique to the individual.  It is possible for a single Identity to have multiple associated Identifiers.  For the UH Identity Management System (UHIMS), UH Number and UH Username are attributes that can be considered to be identifiers.

Identity Assurance Profile (also Level of Assurance)

The degree to which we can confidently say that a person is who they say they are is based on the process used for identity proofing and on the kinds of identity credentials used to authenticate the person. An in-person process conducted by a Personnel Officer and requiring two government picture IDs provides a greater level of assurance than a self-service web form such as an initial student application for admission, for example.

Identity Vetting

Identity Vetting is the process of confirming a person's identity in order to ensure that they are who they say they are and that their Identifiers are appropriately issued.  Identity Vetting is an important aspect of creating an Identity Assurance Profile.

IdP, Identity Provider

In a trust federation such as the InCommon Federation, the Identity Provider is the service that a member provides for authenticating users.  The purpose of the IdP is to allow users to use University credentials (UH Username and password) to authenticate and access services provided by a Service Provider.  Such services can include wiki spaces, portals, access to electronic content, learning management resources, etc., no matter who in the federation is hosting the services.

Institutional Identity

An Identity that is managed with UH's Identity Management System (UHIMS).

Internal Application Identity

An Identity that is managed within a single application.  It is known only within the application, and any linking to other Identities is done by the application. This Identity would always be considered an Internal Identity.

Lockdown, Username Lockdown

A UH Username that is locked down is no longer functional.  Besides being Disabled (see Disable, Username Disabling), email messages are bounced and personal web pages are no longer accessible or viewable.  Lockdown results in manual termination (see Username Termination) after a specified period, six months by default.
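The username lifecycle described under Disable, Lockdown and Deprovision, as an added illustration that is not UHIMS code: a record moves active -> disabled -> locked_down -> deprovisioned, deprovisioning is only allowed once the lockdown period has elapsed, an archived username is never reissued to a different person, and a returning owner gets the previous username back. The 182-day period (an assumed reading of "six months"), the state names, the UH Numbers and the username "jdoe" are constructed sample values.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

LOCKDOWN_TO_DEPROVISION = timedelta(days=182)  # assumed reading of "six months by default"

@dataclass
class UsernameRecord:
    username: str
    owner: str                     # UH Number it was issued to (constructed value)
    state: str = "active"          # active | disabled | locked_down | deprovisioned
    locked_on: Optional[date] = None
    def disable(self) -> None:
        # Disabled: Help Desk and self-service password resets are refused.
        if self.state != "active":
            raise ValueError(f"{self.username}: cannot disable from {self.state}")
        self.state = "disabled"
    def lockdown(self, today: date) -> None:
        # Locked down: in addition, mail is bounced and personal web pages go dark.
        if self.state not in ("active", "disabled"):
            raise ValueError(f"{self.username}: cannot lock down from {self.state}")
        self.state, self.locked_on = "locked_down", today
    def deprovision_if_due(self, today: date) -> bool:
        # Only after the lockdown period: archive the username; files and mail are gone.
        if self.state == "locked_down" and today - self.locked_on >= LOCKDOWN_TO_DEPROVISION:
            self.state = "deprovisioned"
            return True
        return False

def issue_username(records: dict, owner: str, wanted: str) -> Optional[UsernameRecord]:
    # A returning owner gets the archived name back; an archived or issued name is
    # never given to anyone else (None signals the request was refused).
    for rec in records.values():
        if rec.owner == owner and rec.state == "deprovisioned":
            rec.state, rec.locked_on = "active", None
            return rec
    if wanted in records:
        return None
    records[wanted] = UsernameRecord(wanted, owner)
    return records[wanted]

def demo() -> dict:
    records: dict = {}
    rec = issue_username(records, "10000001", "jdoe")
    rec.disable()
    rec.lockdown(date(2024, 1, 1))
    early = rec.deprovision_if_due(date(2024, 3, 1))      # 60 days: still locked down
    due = rec.deprovision_if_due(date(2024, 7, 2))        # 183 days: archived
    reissued = issue_username(records, "10000002", "jdoe") is not None   # another person
    returning = issue_username(records, "10000001", "ignored").username  # original owner
    return {"early": early, "due": due, "reissued": reissued, "returning": returning}
```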

Person Registry

An organization's central repository of person information. Useful for helping to ensure that each person has one and only one identity in the organization no matter how many roles she may have, or how often she changes roles.

RBAC, Role Based Access Control

An application can control access to resources by determining if an individual is listed in a role (e.g. student, faculty or staff) or is included in a Grouper group.
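How a Grouping (Automatic, Inclusion and Exclusion groups) resolves to an effective membership, and how an application's RBAC check then reduces to a membership test, as an added illustration that is not Grouper or UHIMS code. The Person Registry contents, the cohort rule and the UH Numbers are constructed sample data.

```python
from dataclasses import dataclass, field
from typing import Callable

# Constructed stand-in for the Person Registry: UH Number -> affiliations.
PERSON_REGISTRY = {
    "10000001": {"student"},
    "10000002": {"faculty"},
    "10000003": {"staff"},
    "10000004": {"student", "staff"},
}

@dataclass
class Grouping:
    name: str
    cohort: Callable[[set], bool]                    # predefined subpopulation rule
    automatic: set = field(default_factory=set)      # maintained by the nightly refresh
    inclusion: set = field(default_factory=set)      # manual additions by the administrator
    exclusion: set = field(default_factory=set)      # manual removals by the administrator

    def refresh(self, registry: dict) -> None:
        # Nightly-style rebuild of the Automatic group from registry data;
        # the manual Inclusion and Exclusion groups are left untouched.
        self.automatic = {uh for uh, aff in registry.items() if self.cohort(aff)}

    def members(self) -> set:
        # Exclusion overrides both the Automatic and the Inclusion group.
        return (self.automatic | self.inclusion) - self.exclusion

def is_authorized(grouping: Grouping, uh_number: str) -> bool:
    # RBAC decision: the application only asks "is this person in the group?"
    return uh_number in grouping.members()

def demo() -> dict:
    g = Grouping("faculty-wiki-editors", cohort=lambda aff: "faculty" in aff)
    g.refresh(PERSON_REGISTRY)      # automatic = {"10000002"}
    g.inclusion.add("10000003")     # staff member granted access by hand
    g.exclusion.add("10000002")     # the faculty member is explicitly barred
    return {uh: is_authorized(g, uh) for uh in PERSON_REGISTRY}
```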

Social Identities

There are many social networking sites, the most popular include: Facebook, Google, and Twitter. These providers offer users self-service creation of Identities, which can then be used to access other services. These are almost always considered External Identities.

SP, Service Provider

In a trust federation such as the InCommon Federation the Service Provider makes a service available to those that are authorized to access the service if they can successfully authenticate from a trusted IdP.

System of Record

Systems such as Banner and PeopleSoft HR are the official repositories of information about a person and as such are systems of record. Information stored in the Person Registry must be attributable to authoritative records in a System of Record in order to ensure accuracy and auditability.

Terminate, Username Termination

(deprecated terminology, see Deprovisioning, Username Deprovisioning)

UH Number

The UH Identity Management System (UHIMS) creates a unique number for each person (students, faculty, staff, etc.) affiliated with the university.  This number is currently 8 digits and includes a checksum digit.  References to a Banner Id or employee Id are more accurately described as UH Numbers, since Banner and PeopleSoft HR are two examples of UH applications that obtain the unique Id from UHIMS.  The purpose of the UH Number is to serve as a unique identifier, and as such it is the recommended identifier for database records (more info available).
It is important to note that the UH Number must not be used as a shared secret; it is not a PIN and to use it as such greatly weakens the security of the application that treats it as a shared secret.