For the #identity crowd…things I’ve been thinking about this week: the entity that represents “who you are” is not necessarily the same entity that represents “what you can access”. Your user “account” may, can and should be distinct from the “principle” which is assigned access in a given service or system.