Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Identity and access management
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Definitions == Identity management (ID management) β or identity and access management (IAM) β is the organizational and technical processes for first registering and authorizing access rights in the configuration phase, and then in the operation phase for identifying, authenticating and controlling individuals or groups of people to have access to applications, systems or networks based on previously authorized access rights. Identity management (IdM) is the task of controlling information about users on computers. Such information includes information that [[Authentication|authenticates]] the identity of a user, and information that describes data and actions they are [[Authorization|authorized]] to access and/or perform. It also includes the management of descriptive information about the user and how and by whom that information can be accessed and modified. In addition to users, managed entities typically include hardware and network resources and even applications.<ref>{{Cite web|url=https://searchsecurity.techtarget.com/definition/identity-management-ID-management|title=What is identity management (ID management) ? β Definition from WhatIs.com|website=SearchSecurity|language=en|access-date=2019-12-20}}</ref> The diagram below shows the relationship between the configuration and operation phases of IAM, as well as the distinction between identity management and access management. [[Image:Fig-IAM-phases.png|400 px|Phases and steps of IAM]] [[Access control]] is the enforcement of access rights defined as part of [[Authorization|access authorization]]. [[Digital identity]] is an entity's online presence, encompassing personal identifying information (PII) and ancillary information. See [[OECD]]<ref> [http://www.oecd.org/dataoecd/36/30/38573952.pdf Functional requirements for privacy enhancing systems] Fred Carter, OECD Workshop on Digital Identity Management, Trondheim, Norway, 9 May 2007 (PPT presentation)</ref> and [[NIST]]<ref>[http://csrc.nist.gov/publications/drafts/800-122/Draft-SP800-122.pdf Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)] {{Webarchive|url=https://web.archive.org/web/20090813014849/http://csrc.nist.gov/publications/drafts/800-122/Draft-SP800-122.pdf |date=13 August 2009 }}, Recommendations of the National Institute of Standards and Technology, January 2009</ref> guidelines on protecting PII.<ref>[http://www.cdt.org/privacy/issues/pii/ PII (Personally Identifiable Information)] {{webarchive|url=https://web.archive.org/web/20090428062932/http://www.cdt.org/privacy/issues/pii/ |date=28 April 2009 }}, The Center For Democracy & Technology, 14 September 2007</ref> It can be interpreted as the codification of identity names and attributes of a physical instance in a way that facilitates processing.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)