Identity and Access Management: Glossary

The unique need for enterprise security is changing the way…

… enterprise owners & corporate executives are adopting Identity and Access Management (IAM) solutions.

The worldwide cost of cybercrime will extend by 15% per year over the coming five years, as per cybersecurity ventures.

Therefore, to combat such neck-breaking security threats, enterprises should leverage IAMs & understand the key terminologies associated with this discipline.

A:

Access Management:

It is a mechanism of identifying, controlling, tracking & managing authorized users of an organization who takes access to the enterprise network or system through IAM software.

It also deals with providing the privileges and level of access for every employee as well as groups within the system.

IAM solutions provide authorized access management services to protect the enterprise resources against unauthorized access and breaches.

Authentication:

Authentication, in context to computer security, is the process of assuring and verifying the user through his/her valid digital identity.

It is a security mechanism where a user needs to validate his or her identity to make a successful login attempt for accessing any resource.

Authorization:

It is the process of giving authority to a user to access a resource as well as determine the access level and privileges towards a particular enterprise asset or resource.

Adaptive Multi-Factor Authentication:

It is a technique of adapting to login parameters dynamically, based on different authentication scenarios and situations.

Once the system identifies that the login was suspicious or not from usual parameters like browser, geolocation, etc., adaptive multi-factor authentication turns on, asking for an additional authentication factor to re-verify the user.

Authentication Factors:

These are specific sorts of security credentials that help identify a user during authorization attempts.

Some well-known authentication factors are biometric authentication, hardware-based authentication, smart authentication, password less authentication, etc.

Attack Surface:

It is the overall surface area, attack vector, or the number of potential points within the software’s environment where the threat actor or unauthorized user can attack or perform malicious actions to compromise it or breach its data.

B:

Brute Force:

It is a technique where the attacker systematically attempts all the possible letters using permutation and combination.

The entire operation takes place with the help of an automated script that leverages computer processing to find the right combination of passwords to enter an account.

Breach:

A breach or security breach is a cyber incident where an attacker maliciously or without authority gains access into a system, network, or computer.

In other words, it is a break-in action accomplished by an attacker to steal sensitive information or harm the system of an organization.

C:

Central Authentication Service (CAS):

It is a protocol that provides a single sign-on service for the web and other applications.

Its primary function is to authorize users to access numerous applications by providing a single login credential.

Cloud Identity Management:

These are identity management solutions hosted on the cloud that provides authorization and authentication functions.

It is an alternative to traditional identity management systems, where the user identity gets handled on-premises in a monolithic application.

In cloud identity management, the entire identity infrastructure runs on the cloud.

It also caters to various types of authentications like single sign-on, multi-factor authentication, hardware-based authentication, etc.

Credentials:

Credentials are data used for verification purposes for identifying legitimate users during authentication.

This data resides in the server or cloud.

When users try to login to the application, the application matches those credentials stored in the cloud to provide the required access.

Some well-known user credentials are username, phone number, email ID, PIN, passwords, paraphrases, etc.

Know more: https://vsecurelabs.co/identity-and-access-management-glossary/