Credential Service Provider
From Wikipedia, the free encyclopedia
A Credential Service Provider (CSP) is an element of an authentication system, most typically identified as a separate entity in a Federated authentication system.
In any authentication system, some entity is required to authenticate the user on behalf of the target application or service. For many years there was poor understanding of the impact of security and the multiplicity of services and applications that would ultimately require authentication. Therefore many services and applications were built embedding the CSP function. The result of this is that not only are users burdened with many credentials that they must remember or carry around with them, but also applications and services must perform some level of registration and then some level of authentication of those users. A CSP decouples those functions from the application or service and typically provides trust to that application or service over a network (such as the Internet).
The term CSP is used frequently in the context of the US government's eGov and eauthentication initiatives.
An example of a CSP would be an online site whose primary purpose may be, for example, internet banking - but whose users may be subsequently authenticated to other sites, applications or services without further action on their part.