1 / 222

Identity Management

Identity Management. Information Technology Infrastructure Library - Identity management.

fburk
Télécharger la présentation

Identity Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity Management https://store.theartofservice.com/the-identity-management-toolkit.html

  2. Information Technology Infrastructure Library - Identity management • Identity management (IdM) less commonly called Access and Identity Management (AIM) as a process focuses on granting authorised users the right to use a service, while preventing access to non-authorised users. Certain identity management processes executes policies defined in Information Security Management System. https://store.theartofservice.com/the-identity-management-toolkit.html

  3. Identity management system • An identity management system refers to an information system, or to a set of technologies that can be used for enterprise or cross-network identity management. https://store.theartofservice.com/the-identity-management-toolkit.html

  4. Identity management system • Identity management (IdM) describes the management of individual identities, their authentication, authorization, roles, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks. https://store.theartofservice.com/the-identity-management-toolkit.html

  5. Identity management system • "Identity Management" and "Access and Identity Management" (or AIM) are terms that are used interchangeably under the title of Identity management while Identity management itself falls the umbrella of IT Security. https://store.theartofservice.com/the-identity-management-toolkit.html

  6. Identity management system • Identity management systems, products, applications, and platforms are commercial Identity management solutions implemented for enterprises and organizations. https://store.theartofservice.com/the-identity-management-toolkit.html

  7. Identity management system • Technologies, services, and terms related to Identity management include Active Directories, Service Providers, Identity Providers, Web Services, Access control, Digital Identities, Password Managers, Single Sign-on, Security Tokens, Security Token Services (STS), Workflows, OpenID, WS-Security, WS-Trust, SAML 2.0, OAuth, and RBAC. https://store.theartofservice.com/the-identity-management-toolkit.html

  8. Identity management system - Electronic identity management • Therefore, in IT terms, one can consider identity management as the management of information (as held in a directory) that represents items identified in real life (e.g https://store.theartofservice.com/the-identity-management-toolkit.html

  9. Identity management system - Electronic identity management • Subsequently, as the information changed (due to employee turnover, provisioning and de-provisioning), the ability to perform self-service and help-desk updates more efficiently morphed into what became known as Identity Management today. https://store.theartofservice.com/the-identity-management-toolkit.html

  10. Identity management system - Electronic identity management • Typical identity management functionality includes the following: https://store.theartofservice.com/the-identity-management-toolkit.html

  11. Identity management system - Electronic identity management • Identity management also addresses the age-old 'N+1' problem — where every new application may entail the setting up of new data stores of users. The ability to centrally manage the provisioning and de-provisioning of identities, and consolidate the proliferation of identity stores, all form part of the identity management process. https://store.theartofservice.com/the-identity-management-toolkit.html

  12. Identity management system - Solutions • Solutions which fall under the category of identity management may include: https://store.theartofservice.com/the-identity-management-toolkit.html

  13. Identity management system - Solutions • Oracle Identity Management (Sun Java System Directory Server) https://store.theartofservice.com/the-identity-management-toolkit.html

  14. Identity management system - Solutions • Provisioning/De-provisioning of accounts https://store.theartofservice.com/the-identity-management-toolkit.html

  15. Identity management system - Solutions • Attribute based access control (ABAC) https://store.theartofservice.com/the-identity-management-toolkit.html

  16. Identity management system - Solutions • Identity repository (directory services for the administration of user account attributes) https://store.theartofservice.com/the-identity-management-toolkit.html

  17. Identity management system - Solutions • Directory virtualization (Virtual directory) https://store.theartofservice.com/the-identity-management-toolkit.html

  18. Identity management system - Solutions • e-Business scale directory systems https://store.theartofservice.com/the-identity-management-toolkit.html

  19. Identity management system - Solutions • Federation of user access rights on web applications across otherwise untrusted networks https://store.theartofservice.com/the-identity-management-toolkit.html

  20. Identity management system - Solutions • Liberty Alliance — A consortium promoting federated identity management https://store.theartofservice.com/the-identity-management-toolkit.html

  21. Identity management system - Solutions • Shibboleth (Internet2) — Identity standards targeted towards educational environments https://store.theartofservice.com/the-identity-management-toolkit.html

  22. Federated identity management • In information technology (IT), federated identity management (FIdM) is an approach to identity management (IdM). It amounts to having a common set of policies, practices and protocols in place to manage the identity and trust into IT users and devices across organizations. https://store.theartofservice.com/the-identity-management-toolkit.html

  23. Federated identity management • Single sign-on (SSO) systems allow a single user authentication process across multiple IT systems or even organizations. SSO is a subset of federated identity management, as it relates only to authentication and technical interoperability. https://store.theartofservice.com/the-identity-management-toolkit.html

  24. Federated identity management - Background • Evolving identity management challenges, and especially the challenges associated with cross-company, cross-domain access, have given rise to a new approach to identity management, known now as "federated identity management". https://store.theartofservice.com/the-identity-management-toolkit.html

  25. Federated identity management - Federation identity management • FIdM, or the "federation" of identity, describes the technologies, standards and use-cases which serve to enable the portability of identity information across otherwise autonomous security domains. The ultimate goal of identity federation is to enable users of one domain to securely access data or systems of another domain seamlessly, and without the need for completely redundant user administration. Identity federation comes in many flavors, including "user-controlled" or "user-centric" scenarios, as well as enterprise-controlled or business-to-business scenarios. https://store.theartofservice.com/the-identity-management-toolkit.html

  26. Federated identity management - Federation identity management • Federation is enabled through the use of open industry standards and/or openly published specifications, such that multiple parties can achieve interoperability for common use-cases. Typical use-cases involve things such as cross-domain, web-based single sign-on, cross-domain user account provisioning, cross-domain entitlement management and cross-domain user attribute exchange. https://store.theartofservice.com/the-identity-management-toolkit.html

  27. Federated identity management - Federation identity management • Use of identity federation standards can reduce cost by eliminating the need to scale one-off or proprietary solutions. It can increase security and lower risk by enabling an organization to identify and authenticate a user once, and then use that identity information across multiple systems, including external partner websites. It can improve privacy compliance by allowing the user to control what information is shared, or by limiting the amount of information shared. And lastly, it can drastically improve the end-user experience by eliminating the need for new account registration through automatic "federated provisioning" or the need to redundantly login through cross-domain single sign-on. https://store.theartofservice.com/the-identity-management-toolkit.html

  28. Federated identity management - Federation identity management • The notion of identity federation is extremely broad, and also evolving. It could involve user-to-user and user-to-application as well as application-to-application use-case scenarios at both the browser tier as well as the web services or service-oriented architecture (SOA) tier. It can involve high-trust, high-security scenarios as well as low-trust, low-security scenarios. The levels of identity assurance that may be required for a given scenario are also being standardized through a common and open Identity Assurance Framework. It can involve user-centric use-cases, as well as enterprise-centric use-cases. The term "identity federation" is by design a generic term, and is not bound to any one specific protocol, technology, implementation or company. https://store.theartofservice.com/the-identity-management-toolkit.html

  29. Federated identity management - Federation identity management • One thing that is consistent, however, is the fact that "federation" describes methods of identity portability which are achieved in an open, often standards-based manner – meaning anyone adhering to the open specification or standard can achieve the full spectrum of use-cases and interoperability. https://store.theartofservice.com/the-identity-management-toolkit.html

  30. Federated identity management - Federation identity management • Identity federation can be accomplished any number of ways, some of which involve the use of formal Internet standards, such as the OASIS Security Assertion Markup Language (SAML) specification, and some of which may involve open-source technologies and/or other openly published specifications (e.g. Information Cards, OpenID, the Higgins trust framework or Novell’s Bandit project). https://store.theartofservice.com/the-identity-management-toolkit.html

  31. Outsourcing - Identity management co-sourcing • It is an approach to enterprise identity management in which the identity service interacts directly or through some technical footprint with an organization’s Information Technology (IT) identity backend infrastructure (directories, databases, and other identity repositories) https://store.theartofservice.com/the-identity-management-toolkit.html

  32. Identity management • 'Identity management' (IdM) describes the management of individual Digital identity|principals, their Access control|authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks. https://store.theartofservice.com/the-identity-management-toolkit.html

  33. Identity management • Identity Management and Identity and Access Management (or IAM) are used interchangeably in the area of Identity access management while identity management itself falls under the umbrella of IT Security. https://store.theartofservice.com/the-identity-management-toolkit.html

  34. Identity management • Identity management systems, products, applications and platforms manage identifying and ancillary data about entities that include individuals, computer-related hardware and applications. https://store.theartofservice.com/the-identity-management-toolkit.html

  35. Identity management • Technologies, services and terms related to identity management include Active directory|Active Directory, Service provider|Service Providers, Identity provider|Identity Providers, Web service|Web Services, Access control, Digital identity|Digital Identities, Password manager|Password Managers, Single sign-on|Single Sign-on, Security token|Security Tokens, Security Token Services (STS), Workflow application|Workflows, OpenID, WS-Security, WS-Trust, SAML 2.0, OAuth and RBAC. https://store.theartofservice.com/the-identity-management-toolkit.html

  36. Identity management • It covers issues such as how users are given an digital identity|identity, the protection of that identity and the technologies supporting that protection (e.g., Protocol (computing)|network protocols, public key certificate|digital certificates, passwords, etc.). https://store.theartofservice.com/the-identity-management-toolkit.html

  37. Identity management - Definitions • Identity management (IdM) is the task of controlling information about users on computers https://store.theartofservice.com/the-identity-management-toolkit.html

  38. Identity management - Definitions • , Recommendations of the National Institute of Standards and Technology, January 2009 https://store.theartofservice.com/the-identity-management-toolkit.html

  39. Identity management - Definitions • guidelines on protecting PII., The Center For Democracy Technology, September 14, 2007 It can be interpreted as the codification of identity names and attributes of a physical instance in a way that facilitates processing. https://store.theartofservice.com/the-identity-management-toolkit.html

  40. Identity management - Identity management functions • In the real-world context of engineering online systems, identity management can involve three basic functions: https://store.theartofservice.com/the-identity-management-toolkit.html

  41. Identity management - Identity management functions • # The pure identity function: Creation, management and deletion of identities without regard to access or entitlements; https://store.theartofservice.com/the-identity-management-toolkit.html

  42. Identity management - Identity management functions • # The user access (log-on) function: For example: a smart card and its associated data used by a customer to log on to a service or services (a traditional view); https://store.theartofservice.com/the-identity-management-toolkit.html

  43. Identity management - Identity management functions • # The service function: A system that delivers personalized, role-based, online, on-demand, multimedia (content), presence-based services to users and their devices. https://store.theartofservice.com/the-identity-management-toolkit.html

  44. Identity management - Pure identity • A general model of Identity (philosophy)|identity can be constructed from a small set of axioms, for example that all identities in a given namespace are unique, or that such identities bear a specific relationship to corresponding entities in the real world. Such an axiomatic model expresses pure identity in the sense that the model is not constrained by a specific application context. https://store.theartofservice.com/the-identity-management-toolkit.html

  45. Identity management - Pure identity • In general, an entity (real or virtual) can have multiple identities and each identity can encompass multiple attributes, some of which are unique within a given name space. The diagram below illustrates the conceptual relationship between identities and entities, as well as between identities and their attributes. https://store.theartofservice.com/the-identity-management-toolkit.html

  46. Identity management - Pure identity • In most theoretical and all practical models of digital identity, a given identity object consists of a finite set of Property (philosophy)|properties (attribute values). These properties record information about the object, either for purposes external to the model or to operate the model, for example in classification and retrieval. A pure identity model is strictly not concerned with the external semantics of these properties. https://store.theartofservice.com/the-identity-management-toolkit.html

  47. Identity management - Pure identity • The most common departure from pure identity in practice occurs with properties intended to assure some aspect of identity, for example a digital signature or software token which the model may use internally to verify some aspect of the identity in satisfaction of an external purpose. To the extent that the model expresses such semantics internally, it is not a pure model. https://store.theartofservice.com/the-identity-management-toolkit.html

  48. Identity management - Pure identity • Contrast this situation with properties that might be externally used for purposes of information security such as managing access or entitlement, but which are simply stored, maintained and retrieved, without special treatment by the model. The absence of external semantics within the model qualifies it as a pure identity model. https://store.theartofservice.com/the-identity-management-toolkit.html

  49. Identity management - Pure identity • In practice, identity management often expands to express how model contents is to be Provisioning|provisioned and Reconciliation (Accounting)|reconciled among multiple identity models. https://store.theartofservice.com/the-identity-management-toolkit.html

  50. Identity management - User access • User access enables users to assume a specific digital identity across applications, which enables access controls to be assigned and evaluated against this identity. The use of a single identity for a given user across multiple systems eases tasks for administrators and users. It simplifies access monitoring and verification and allows the organization to minimize excessive privileges granted to one user. User access can be tracked from initiation to termination of user access. https://store.theartofservice.com/the-identity-management-toolkit.html

More Related