- A set of statements about one or more Entities
- Have zero or more Attributes.
- Has a schema (ontology) that describes kinds of Entities and Attributes that an instance of this Context contains.
- Has its own security and access control policy
Examples of Contexts that contain multiple Entities include: directories, informal groups, project teams, collaboration spaces, and communications systems and networks. Examples of Contexts that, at least from the point of view of the authenticated consumer, typically contain only a single Entity are: driver's licenses, credit cards, business cards, and many other kinds of security devices.
IdAS consumers must be able to provide the required authentication materials to "open" i.e. authenticate to a Context. Once opened, the contents of the Context can be searched, read and updated to varying extents based on the access control policy of the Context.
Some Contexts are abstract. An example of an abstract Context would be the internet mail Context associated with the internet mail ContextId. The Entitiess within this Context have a EntityIds that are email addresses (e.g. "email@example.com") within the email namespace defined by internet mail. This cannot be resolved to a physical Context because there is no globally defined set of all email addresses.