Identity Management : Key terms - IT Security Pundit

In today’s digital landscape, Identity Management (IDM) plays a crucial role in ensuring secure and efficient access to systems, applications, and data. Organizations must manage user identities, authentication, and access controls to protect sensitive information and prevent unauthorized access.

Understanding key terms in Identity Management is essential for IT professionals, security teams, and business leaders to implement robust identity governance strategies. From authentication methods like Multi-Factor Authentication (MFA) to access control models such as Role-Based Access Control (RBAC), these concepts help define how identities are verified, authorized, and managed within an organization.

This guide will explore the essential terminology in Identity Management, helping you navigate the complexities of securing digital identities and maintaining regulatory compliance.

  1. Authentication & Authorization
    • Authentication – Verifying a user's identity
    • Authorization – Granting or restricting access based on identity
    • Multi-Factor Authentication (MFA) – Using multiple methods (e.g., password + biometrics) to verify identity
    • Single Sign-On (SSO) – Allowing users to log in once and access multiple systems
    • Federated Identity – Using a shared identity across multiple organizations
    • Biometric Authentication – Using fingerprint, face, or iris scans for authentication
  2. Identity & Access Management (IAM)
    • Identity Provider (IdP) – A system that verifies user identities
    • Access Control – Restricting access based on policies
    • Role-Based Access Control (RBAC) – Granting access based on roles
    • Attribute-Based Access Control (ABAC) – Granting access based on attributes like job title or location
    • Privileged Access Management (PAM) – Managing high-level administrative accounts
    • User Provisioning – Creating, managing, and deactivating user accounts
  3. Security & Compliance
    • Zero Trust – A security model that assumes no implicit trust
    • Least Privilege Principle – Giving users the minimum access needed
    • Identity Governance – Managing compliance and policies for user identities
    • Directory Services – Centralized identity repositories like Active Directory (AD)
    • Audit Logs – Tracking identity-related activities
    • Identity Lifecycle Management – Managing identities from onboarding to offboarding
  4. Authentication Protocols & Standards
    • OAuth 2.0 – A protocol for secure authorization
    • OpenID Connect (OIDC) – A protocol for authentication based on OAuth 2.0
    • SAML (Security Assertion Markup Language) – A standard for exchanging authentication data
    • Kerberos – A network authentication protocol
    • LDAP (Lightweight Directory Access Protocol) – A protocol for accessing and managing directory information