The following lists Identity Authority Manager (IdAM) specific concepts and key terms. IdAM Implements the Registration Authority (RA) part of a Public Key Infrastructure (PKI) according to standards such as X.509, IETF-CMP, or IETF-PKIX. To implement the IdAM, it is necessary to own an existing and tested PKI concept. For more information on general PKI definitions and EJBCA specific concepts, refer to the EJBCA Documentation on EJBCA Concepts.

Birth Certificate

The birth certificate is the initial identity of the device or unit. It should be used to issue new certificates, secure communication, and updates throughout the device lifecycle.

Device Adapter

The device adapter interface is used for communication with the device in production.

Sequence Controller and Administration

The Sequence Controller and Administration interface are used for managing, adapting, and modeling the identity verification and validation processes. To accomplish this, the Sequence Controller offers the possibility to define rule chains. 

Trust Service Adapter

The Trust Service Adapter interface is used for communication with the certificate-issuing services.

Trust Anchor

The Trust Anchor provides core crypto functions and random number generation. It is implemented as dedicated hardware or in software.

Rule Engine (ThingsBoard)

The rule engine (ThingsBoard) is the core workflow process software engine used to define and operate custom rule chains. For more information, see Rule Engine Concepts.