DES is an encryption function, but the DES-based crypt is not DES; the internal function is altered (by the salt, namely), executed 25 times, and, more importantly, the roles of the key and the message are swapped. The end result is that the name “crypt” is improper (though traditional): this is no longer an encryption function; it should be called the “DES-based hash“.

Source: Thomas Pornin

Anything is known as an entity if it exists in the world, regardless of its form: abstract concepts or physical things, and has an identity (or ID for short) to distinguish it from others. Simply put, every entity has an identity or ID. For instance, users, computers, devices, applications, services, networks, etc., are entities because they all have identities to uniquely identify them. An entity’s inherent characteristics are called attributes. An identity is an entity’s attribute or a combination of attributes to distinguish it from others. An entity that can initiate or respond to actions is a security principal, while one that doesn’t is a resource. The active party that initiates actions is known as the subject, while the passive party that responds to the active party or is accessed by the active party as a resource is the object.

Entities or security principals have accounts stored in a directory (account database). An account is the technical means of representing an entity; the fields of an account in a directory represent an entity’s attributes. An ID provider is an entity that 1) holds and manages a directory, 2) responds to queries, 3) verifies a subject’s identity through authenticators, 4) issues tokens or tickets, and 5) provides assertions or claims to assure statements about entities are true. In Microsoft’s Active Directory, a directory can be divided into one or more physical partitions (schema, configuration, and domain partitions) or logical domains for performance or administrative purposes. The machine that holds the account database is a domain controller, and the service on the domain controller that manages the directory is called a directory service.

Authentication is based on the secrecy of authenticators and trust in tokens and tickets issued by the ID provider; it is the process by which an ID provider verifies an entity’s identity through one or more authenticators by searching accounts and comparing data against the directory. A subject in the authentication process is an entity that actively professes its identity to the ID provider; this process for a subject to profess its identity is known as identification. However, it is also called identification when an ID provider searches the directory and locates the account that represents the entity. An authenticator is a secret used to prove an entity’s identity. There are three types of authenticators, aka authentication factor: something you know, something you have, and something you are.

Multi-factor authentication (MFA) refers to the authentication process using two or more authenticator types. The combination of a subject’s identity and its authenticators is collectively called a credential. Assertions or claims are statements about an entity that are always true, issued by the ID provider after verifying the entity’s identity. In SAML or OIDC, assertions or claims are pairs of attributes and values or key-value pairs represented in XML or JSON. Tokens and tickets are technical or physical means to convey assertions or claims.

Single Sign-On (SSO) is a system feature that allows a user to sign on once and access resources across various systems based on agreed-upon protocols and token or ticket formats. SAML and OIDC are commonly used protocols in a federation-based SSO. A federation is a collection of systems that share common protocols to facilitate the SSO feature.

The following contents about evidence and rules of evidence are summarised from various sources as shown in inline hyperlinks and references below.

Trial and Evidence

• Trial: A trial is a formal legal proceeding where legal claims are presented, evidence is examined, and witnesses are heard. It is overseen by a judge, jury, or other adjudicator who determines the guilt or innocence of a party in a criminal case or the outcome of a dispute in a civil case. Trials adhere to established legal procedures and rules of evidence, operating as an adversary proceeding in court.
• Evidence: an item or information proffered to make the existence of a fact more or less probable.
• Rules of Evidence: As the name indicates, the rules by which a court determines what evidence is admissible at trial. In the U.S., federal courts follow the Federal Rules of Evidence, while state courts generally follow their own rules, such as the Maryland Rules of Evidence.

Burden and standard of proof

The following contents are excerpted from ICRL, The Incorporated Council of Law Reporting for England & Wales:

• The standard of proof is the degree to which a party must prove its case to succeed. The burden of proof, sometimes known as the “onus”, is the requirement to satisfy that standard.
  1. In criminal cases, the burden of proof is on the prosecution, and the standard required of them is that they prove the case against the defendant “beyond reasonable doubt”. For the benefit of the jury in the Crown Court, this is usually expressed as requiring them to be “satisfied so that you are sure” of the defendant’s guilt. This is unofficially described as the 99% test.
  2. In civil cases, the burden of proof is on the claimant, and the standard required of them is that they prove the case against the defendant “on a balance of probabilities”. This is unofficially described as the 51% test.
• Exceptions
  1. In certain circumstances, the burden will fall on or shift to the other party. For example, in criminal cases in which a defence of insanity is raised, it is for the defence to establish it on a balance of probabilities, ie to the civil standard.
  2. In civil cases where there is a preliminary issue, for example as to jurisdiction, the burden is sometimes expressed as “a good arguable case” or “much the better of the argument”. That is because, in such cases, the court is not in a position to weigh the evidence in its totality and must make a necessarily interim assessment.

Direct and Circumstantial Evidence

• Direct Evidence
  1. Direct evidence is evidence of a fact based on a witness’s personal knowledge of that fact acquired by means of the witness’s senses.
  2. Direct evidence may prove guilt of a charged offense or liability for a civil wrong if, standing alone, that evidence satisfies a jury that guilt of the offense has been proved beyond a reasonable doubt or that liability for a civil wrong has been proven by a preponderance of the evidence or other applicable burden of proof.
  3. In a criminal proceeding, a defendant’s confession of guilt constitutes direct evidence. A defendant’s admission, not amounting to a confession because it does not directly acknowledge guilt but includes inculpatory statements from which a jury may infer guilt, is circumstantial evidence.
  4. A confession acknowledges complete guilt, while an admission only accepts some connection to the case. A confession can lead to a conviction on its own, but an admission alone does not prove guilt. (The Legal Buddies LLC.)
• Circumstantial Evidence
  1. Circumstantial evidence is direct evidence of a fact from which a person may reasonably infer the existence or nonexistence of another fact.
  2. Circumstantial evidence may prove guilt of a charged offense or liability for a civil wrong, if that evidence, while not directly establishing guilt of the offense or liability for a civil wrong, gives rise to an inference of guilt beyond a reasonable doubt or of liability for the civil wrong by a preponderance of the evidence or other applicable burden of proof.

Real and Demonstrative Evidence

• “Real Evidence” refers to any tangible object or sound recording of a conversation that is
  offered in evidence.
• “Demonstrative evidence” refers to a visual, graphic, or sound aid used to explain or
  illustrate a witness’s testimony or the presentation of the proponent’s case.

Testify, Witness, and Testimony

• Testify: to give one’s testimony under oath as a witness; to give evidence as a witness.
• Witness: In legal proceedings, witnesses can serve as sources of evidence, offering firsthand accounts that can corroborate or refute claims made by parties involved. Expert witnesses: who possess specialized knowledge and who are called upon to provide expert testimony within their area of expertise. Lay witnesses: Individuals with personal knowledge of the matter. (aka eye witness)
• Testimony: Testimony is oral or written evidence given by the witness under oath, affidavit, or deposition during a trial or other legal procedures.

Out of Court

• Out of court: Not before the court. Actions, including negotiations between parties or their attorneys, without any direct involvement of a judge or the judicial system.
• Hearsay: testimony from a witness under oath who is reciting an out-of-court statement that is being offered to prove the truth of the matter asserted.
• Police lineup: A police lineup (in American English) or identity parade (in British English) is a process by which a crime victim or witness’s putative identification of a suspect is confirmed to a level that can count as evidence at trial. (Wikipedia)
• Settlement: an agreement that ends a dispute and results in the voluntary dismissal of any related litigation. Regardless of the exact terms, many parties choose to keep their settlement agreements private.

Rules of Evidence

• Hearsay rule: the rule prohibiting hearsay (out of court statements offered as proof of that statement) from being admitted as evidence because of the inability of the other party to cross-examine the maker of the statement. (Legal Information Institute)
  1. Hearsay is not admissible unless it falls within an exception to the hearsay rule.
  2. There are a number of exceptions to the hearsay rule (including present-sense impression, excited utterances, declarations of present state of mind, dying and the business records exceptions), as well as things defined not to be hearsay (admission of a party-opponent, and prior statements of a witness).
  3. If it is hearsay, is it nonetheless not excluded by the hearsay rule, because it qualifies under an exception to that rule (Md. Rule 5-803-804)?
  4. Rule 803 – Exceptions to the Rule Against Hearsay–Regardless of Whether the Declarant Is Available as a Witness
  5. Business Records Exception to Hearsay: Most documents are hearsay because they record what others did and said, and are generally maintained by someone who was not involved in matters in the records. There is an exception to the hearsay rules for business records.(Public Health Law Map – Beta 5.7)
• Parol evidence rule
  1. The parol evidence rule is a rule in common law jurisdictions limiting the kinds of evidence parties to a contract dispute can introduce when trying to determine the specific terms of a contract and precluding parties who have reduced their agreement to a final written document from later introducing other evidence, such as the content of oral discussions from earlier in the negotiation process, as evidence of a different intent as to the terms of the contract.
  2. The rule provides that “extrinsic evidence is inadmissible to vary a written contract”. The term “parol” derives from the Anglo-Norman French parol or parole, meaning “word of mouth” or “verbal”, and in medieval times referred to oral pleadings in a court case.
• Best evidence rule: The best evidence rule is a legal principle that holds an original of a document as superior evidence. The rule specifies that secondary evidence, such as a copy or facsimile, will be not admissible if an original document exists and can be obtained.

References

• Legal Information Institute
• Different Types of Witnesses in Court
• 2024 Federal Rules of Evidence
• Title 5 – Maryland Rules of Evidence
• Police lineup
• Lineups and Other Identification Situations
• Guide to New York Evidence
• Alphabetical List of Rules
• Business records exception
• Business Records Exception to Hearsay
• Burden and standard of proof