Tuesday, September 11, 2007

The Ambiguity of Making Claims
In identity management, part of a user's digital identity record is a claim (or claims) the user makes that describes them or asserts their right to some kind of access. Most systems record these claims as a single definitive variable (e.g. Yes/No, A/B, 0/1). I believe this bare-variable approach is the root cause of many access control management problems, and thus of a significant amount of fraud.

A claim is typically transient: it changes over time. People lose the right to access something; people gain greater access rights as their reputation or job responsibilities change. It is a moving target. Therefore every claim should carry a reference to the process that generated it, together with a date/time stamp. The recipient of the claim can then look at the claim value, check that the process that produced it is one the recipient has pre-approved, and, if its own assessment process requires it, check the date/time to decide whether the claim is still current. In this way the intent behind the claim variable is tied much more directly to the access control result it drives (Read/Write, Allow/Deny, etc.).
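As an added illustration of the scheme above (example code written for this page, not code from the original post): a claim record that carries its value, a reference to the issuing process and a timestamp, and a relying party that decides Allow/Deny from the provenance rather than from the bare value. The field names, the `APPROVED_PROCESSES` policy and the sample claims are all assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Optional


# Hypothetical claim record (field names assumed for this example): the bare
# Yes/No value is accompanied by a reference to the process that produced it
# and the time at which it was produced.
@dataclass(frozen=True)
class Claim:
    name: str                      # what is asserted, e.g. "can_write_ledger"
    value: bool                    # the definitive variable the post warns about
    process: Optional[str]         # reference to the issuing process
    issued_at: Optional[datetime]  # when the process produced the claim


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str


# Relying party's policy (constructed for this example): which issuing
# processes are pre-approved for each claim, and how old a claim from each
# process may be before it must be re-established.
APPROVED_PROCESSES: Dict[str, Dict[str, timedelta]] = {
    "can_write_ledger": {
        "hr-onboarding-v2": timedelta(days=90),
        "manager-approval": timedelta(days=7),
    },
}


def evaluate(claim: Claim, now: datetime) -> Decision:
    """Turn a claim into an access decision by assessing its provenance,
    not just its value. Every failure path says why, so the reason can be
    logged alongside the Allow/Deny result."""
    if not claim.value:
        return Decision(False, "claim value is negative")
    if claim.process is None or claim.issued_at is None:
        return Decision(False, "claim carries no process reference or timestamp")
    approved = APPROVED_PROCESSES.get(claim.name, {})
    if claim.process not in approved:
        return Decision(False, f"process {claim.process!r} is not pre-approved for {claim.name!r}")
    if claim.issued_at > now:
        return Decision(False, "claim is dated in the future")
    age = now - claim.issued_at
    max_age = approved[claim.process]
    if age > max_age:
        return Decision(False, f"claim is {age.days} days old; limit for {claim.process!r} is {max_age.days} days")
    return Decision(True, f"asserted by approved process {claim.process!r} {age.days} days ago")


def example_decisions() -> Dict[str, Decision]:
    """Evaluate a set of constructed claims against a fixed 'now' so the
    outcome is deterministic. Every claim below says Yes; only the
    provenance differs."""
    now = datetime(2007, 9, 11, tzinfo=timezone.utc)
    samples = {
        # Yes, from an approved process, 10 days into a 90-day window.
        "fresh": Claim("can_write_ledger", True, "hr-onboarding-v2", now - timedelta(days=10)),
        # Yes, from an approved process, but 30 days past a 7-day window.
        "stale": Claim("can_write_ledger", True, "manager-approval", now - timedelta(days=30)),
        # Yes, but the user simply asserted it about themselves.
        "self_asserted": Claim("can_write_ledger", True, "self-asserted", now),
        # Yes, with no provenance at all: the bare variable the post criticises.
        "bare": Claim("can_write_ledger", True, None, None),
        # Yes, from an approved process, but timestamped in the future.
        "future": Claim("can_write_ledger", True, "hr-onboarding-v2", now + timedelta(days=1)),
    }
    return {label: evaluate(claim, now) for label, claim in samples.items()}


if __name__ == "__main__":
    for label, decision in example_decisions().items():
        print(f"{label:14s} {'ALLOW' if decision.allow else 'DENY ':5s} {decision.reason}")
```

Only the first claim is allowed; the other four all carry the same Yes value and are denied purely on provenance, which is the point the post is making. The example takes the process reference and timestamp at face value; how a claim is bound to those fields so they cannot be altered in transit is outside what the post discusses.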
