Identity and Access Management
From MgmtWiki
Full Title or Meme
Identity and Access Management is the combination of Identity Management and Access Management.
Context
- Computer asset management is typically approached by listing the identifiers of real-world entities and developing some method, like Role Management, to determine which computer asset can be accessed by the Principal identifier that is representative of that real-world entity.
- In this context Identity is taken to be the Identifiers and Attributes held by a Data Controller in a User Object.
Solutions
There are many proposals for what IAM should include, among them one attempt at an IAM Reference Architecture.[1] The generic approach seems to separate the Identity Proofing from the Access control, as was implemented by Kerberos. In other words, there is a trusted gatekeeper who decides who is worthy of admission.
Theoretically a Decentralized ID technology can break free of this centralized gatekeeper, but then we need some sort of Trust guarantor, which is, itself, a centralized concept.
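The gatekeeper separation described in this section, as an added Python example that is not part of the original page: one function establishes who the Principal is and issues a signed assertion, and a separate function makes the role-based access decision while trusting only that signature. It is a simplified stand-in for the pattern, not the Kerberos protocol; the shared HMAC key, user records, roles and asset names are all constructed assumptions.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key shared by the gatekeeper and the resource side (assumption).
GATEKEEPER_KEY = b"constructed-demo-key"

def _kdf(password: str) -> bytes:
    # Fixed salt only to keep the demo short; use a per-user random salt in practice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"demo-salt", 100_000)

# Gatekeeper's User Objects: identifier -> password verifier and attributes (constructed).
USERS = {"alice": {"verifier": _kdf("correct horse"), "roles": ["finance"]},
         "bob": {"verifier": _kdf("hunter2"), "roles": ["intern"]}}

# Role Management on the resource side: asset -> roles allowed to use it (constructed).
ASSET_ROLES = {"ledger-db": {"finance"}, "wiki": {"finance", "intern"}}

def _sign(body: bytes) -> bytes:
    return hmac.new(GATEKEEPER_KEY, body, hashlib.sha256).digest()

def issue_ticket(user_id, password, now=None, lifetime=300):
    """Gatekeeper: checks the credential, then issues a signed, expiring assertion."""
    user = USERS.get(user_id)
    expected = user["verifier"] if user else bytes(32)
    if not hmac.compare_digest(_kdf(password), expected) or user is None:
        return None
    now = time.time() if now is None else now
    body = json.dumps({"sub": user_id, "roles": user["roles"], "exp": now + lifetime}).encode()
    enc = base64.urlsafe_b64encode
    return enc(body).decode() + "." + enc(_sign(body)).decode()

def authorize(ticket, asset, now=None):
    """Resource side: never sees the password, trusts only the gatekeeper's signature."""
    try:
        body_b64, sig_b64 = ticket.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except (ValueError, AttributeError):
        return False
    if not hmac.compare_digest(sig, _sign(body)):
        return False  # forged or altered assertion
    claims = json.loads(body)
    now = time.time() if now is None else now
    if now >= claims["exp"]:
        return False  # expired ticket
    return bool(set(claims["roles"]) & ASSET_ROLES.get(asset, set()))

if __name__ == "__main__":
    t = issue_ticket("bob", "hunter2")
    print(authorize(t, "wiki"), authorize(t, "ledger-db"))
```

Every access decision here depends on the resource side trusting `GATEKEEPER_KEY`, which is the centralized Trust guarantor the section refers to.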
References
- George B. Dobs, IAM Reference Architecture, ID Pro (2024-08), https://bok.idpro.org/article/id/76/