Identity and Access Management

Identity management, also known as identity and access management (IAM) is, in computer security, the security and business discipline that "enables the right individuals to access the right resources at the right times and for the right reasons". It addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.

Identity management (IdM) is the task of controlling information about users on computers. Such information includes information that authenticates the identity of a user, and information that describes information and actions they are authorized to access and/or perform. It also includes the management of descriptive information about the user and how and by whom that information can be accessed and modified. Managed entities typically include users, hardware and network resources and even applications.

Identity management can involve four basic functions:

• The pure identity function: Creation, management and deletion of identities without regard to access or entitlements.
• The user access (log-on) function: For example: a smart card and its associated data used by a customer to log on to a service or services.
• The service function: A system that delivers personalized, role-based, online, on-demand, multimedia (content), presence-based services to users and their devices.
• Identity Federation: A system that relies on federated identity to authenticate a user without knowing his or her password.