Overview of Identity and Access Management

What is Identity and Access Management ?

• Identity and access management is “Security discipline that allows the right people to access the right resource at the right time and for the right purpose.”

What is Identity Management ?

• Usually, a user's identity is made up of a number of things, like their first name, last name, etc.
• Relate fields
  • User and role management → access what
  • Password management → password policy
  • Directory management → creating user in ad
  • User provisioning/deprovisioning → when user quit, join

What is Access Management ?

• Functions that decide if an identity has access to a resource
• Relate fields
  • Authorization
  • Role based access
  • Access validation
  • Authentication Management

Terminologies of Identity and Access Management

Authentication and Authorization Concept

• Authentication is the process of making sure someone is who they say they are based on their credentials.
  • You can now get into the house because you have the key.
• Authorization is the process of making sure that only authenticated identities can access resources they are allowed to get to.
  • You can go into the room that lets you.

Multi Factor Authentication

• Authentication contain
  • What you know → password
  • What you have → id card, otp
  • What you are → bio
• Multifactor be like what you know combine with what you have (password + otp)

Context Access Management

• When it's not possible to use multi-factor authentication, context access management will step in.