Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Identity and access management
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Pure identity === A general model of [[Identity (philosophy)|identity]] can be constructed from a small set of axioms, for example that all identities in a given [[namespace]] are unique, or that such identities bear a specific relationship to corresponding entities in the real world. Such an axiomatic model expresses "pure identity" in the sense that the model is not constrained by a specific application context. In general, an entity (real or virtual) can have multiple identities and each identity can encompass multiple attributes, some of which are unique within a given name space. The diagram below illustrates the conceptual relationship between identities and entities, as well as between identities and their attributes. [[File:Identity-concept.svg|400 px|Identity conceptual view]] In most theoretical and all practical models of [[digital identity]], a given identity object consists of a finite set of [[Property (philosophy)|properties]] (attribute values). These properties record information about the object, either for purposes external to the model or to operate the model, for example in classification and retrieval. A "pure identity" model is strictly not concerned with the external [[semantics]] of these properties. The most common departure from "pure identity" in practice occurs with properties intended to assure some aspect of identity, for example a [[digital signature]] or [[software token]] which the model may use internally to verify some aspect of the identity in satisfaction of an external purpose. To the extent that the model expresses such semantics internally, it is not a pure model. Contrast this situation with properties that might be externally used for purposes of [[information security]] such as managing access or entitlement, but which are simply stored, maintained and retrieved, without special treatment by the model. The absence of external semantics within the model qualifies it as a "pure identity" model. Identity management can thus be defined as a set of operations on a given identity model, or more generally, as a set of capabilities with reference to it. In practice, identity management often expands to express how model content is to be [[provisioning (technology)|provisioned]] and [[Reconciliation (Accounting)|reconciled]] among multiple identity models. The process of reconciling accounts may also be referred to as de-provisioning.<ref>{{Cite web |title=What is IAM? Identity and access management explained |url=https://www.csoonline.com/article/518296/what-is-iam-identity-and-access-management-explained.html |access-date=2024-04-24 |website=CSO Online |language=en}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)