Beginner’s Guide to Identity and Access Management

Organizations around the world must ensure employees, customers and business partners all have appropriate, secure access to information and technology resources. Identity and access management solutions overcome the security challenges of enterprise IT.

Before moving to heavier concepts on the security of IT systems, let me explain the foundation of secure access to IT resources, Identity and Access Management (IAM), by dividing it into some questions.

What is identity?
Identity is a factor that can be used to recognize a person or a thing. We can use the name as the identity of someone. But there could be many people with the same name within a specific domain (school, company, organization…).

Same identity within a domain.

For security purposes, we might need a more specific way to uniquely identify a person or a thing. The solution is authentication.

What is authentication?
Authentication is the process of uniquely identifying a person or a device. When a user attempts to access a system or data, he or she should first claim an identity, typically by entering a username and password into the system. The following three factors can be used for the authentication process.

- Something you know (such as a password, PIN)
- Something you have (such as a smart card, ID card)
- Something you are (such as a fingerprint or other biometric method)

Unique identity for everyone — Authentication

What is authorization?
Authorization is the process of giving someone permission to do or to have something. In multi-user computer systems, a system administrator defines which users are allowed access to the system and what privileges of use they have (such as access to which file directories, hours of access, amount of allocated storage space, and so forth).

Now that you have the basic ideas needed to understand what IAM is, let’s move on to the definition of Identity and Access Management (IAM).

What is IAM?
Identity and Access Management is a security discipline that manages identity and access privileges for a physical or virtual resource. IAM ensures that the user’s identity is verified (authentication) and that they can access the applications and resources which they have permission to use (authorization).

Why do we need IAM?
To clearly understand the importance of IAM, first, we look at how a traditional organization infrastructure manages identities and access privileges.

According to the traditional access management approach, every application in an organization manages the user’s identity and access privileges separately.

Let’s understand the issues of this approach using a simple scenario.

Emma wants to access three web applications in ABC organization according to her requirements. But she has to create accounts for every application with different usernames and passwords.

User accounts for three applications

If Emma wants to access multiple applications within the same organization, she has to create an account and maintain credentials for every application. In that case, she would probably either use the same password or create simple passwords for every application (a data breach risk), and she has to remember each login credential (a bad user experience). On the organization's side, there are also issues such as reduced agility, low productivity and high IT costs.

That’s where identity and access management solutions become more prevalent and critical in the IT industry. IAM solves all problems in the traditional approach and provides more features to increase security. Let’s look at the main concepts of IAM briefly.

Main concepts of IAM

1) Centralized Access Management: handling user authentication and account management at a central system

2) User Provisioning: creating and managing user accounts/identity information within the system

3) Single Sign-On (SSO): authenticating users once and allowing access to other associated applications

4) Multi-Factor Authentication: authenticating users by challenging with multiple authentication factors, e.g., password, SMS, and fingerprint

5) Adaptive Authentication: authenticating users by challenging with multiple authentication steps based on the users’ risk profile

6) Identity Federation: authenticating users existing in an external identity provider
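
To make concepts 1 and 3 concrete, here is Emma's scenario with a central system instead of three separate accounts: she authenticates once, and each application only checks the signed token and her privileges. This is an added example, not code from WSO2 or any other product; the class names, application names and the shared HMAC key are assumptions made for illustration (real deployments use standard protocols and asymmetric signatures).

```python
import base64, hashlib, hmac, json, os, time

class IdentityProvider:
    """Central system: the only place credentials are stored and checked."""
    def __init__(self, signing_key):
        self._key = signing_key
        self._users = {}  # username -> (salt, password hash, {app: [privileges]})

    def provision(self, username, password, access):
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        self._users[username] = (salt, digest, access)

    def login(self, username, password):
        """Authentication: check the claimed identity, return a signed token or None."""
        record = self._users.get(username)
        if record is None:
            return None
        salt, digest, access = record
        attempt = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        if not hmac.compare_digest(attempt, digest):
            return None
        claims = {"sub": username, "access": access, "exp": time.time() + 300}
        body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
        return body + "." + hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

class Application:
    """Stores no passwords; accepts only tokens signed by the central system."""
    def __init__(self, name, key):
        self.name, self._key = name, key  # shared key is a simplification

    def authorize(self, token, privilege):
        """Authorization: valid, unexpired token AND the privilege granted for this app."""
        try:
            body, sig = token.rsplit(".", 1)
        except (AttributeError, ValueError):
            return False  # no token (failed login) or malformed token
        expected = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return False  # forged or tampered token
        claims = json.loads(base64.urlsafe_b64decode(body))
        if claims["exp"] < time.time():
            return False
        return privilege in claims["access"].get(self.name, [])

# Constructed scenario: Emma, one login, three applications (names are made up).
KEY = os.urandom(32)
idp = IdentityProvider(KEY)
idp.provision("emma", "correct horse battery", {"mail": ["read"], "hr": ["read", "edit"]})
mail, hr, payroll = (Application(n, KEY) for n in ("mail", "hr", "payroll"))
```

One call to `idp.login(...)` yields a token that `mail` and `hr` accept and `payroll` rejects, because Emma was never granted access there. With a shared symmetric key any application could mint tokens, which is why production systems sign with a private key held only by the identity provider.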

Are you searching for a highly secure IAM solution? WSO2 Identity Server is the best open source IAM solution that provides the best features to ensure security in enterprise IT. You found the best solution :)

Thank you for reading my first-ever blog and hope you understand the basic idea of identity and access management. I’ll explain the main concepts of IAM and how IAM ensures the security of IT systems in my next blog. Any clarifications or suggestions for improvements are welcome :)

