IAM
Summary #
IAM
Four Main Components of IAM #
The four main components of IAM include: Authentication, Authorization, Administration, and Auditing and Reporting. ref
Authentication #
Authorization #
Administration #
This component of the IAM system manages users’ accounts, groups, permissions, and password policies.
Auditing and Reporting #
Auditing and reporting as a component deals with examining, recording, and adequately reporting users’ access logs and all security-related activities within the system. ref
Top IAM Tools or Sub-Components #
Single Sign-On (SSO) #
Certificate-based Authentication #
- This authentication method is similar to the above but doesn’t require an email/username and password for logging into the IAM system. Instead, it relies on a digital certificate issued by a trusted certificate authority (IAM).
- The certificate authority signs the digital certificate containing the user’s public key, which has the user’s identity information.
- The purpose of an email and password is for a user to prove their identity using knowledge-based proof.
- Certificate-based authentication solves the same problem of proof by using a certificate containing the user’s identity and is secure by Cryptography, making it unfalsifiable. Cryptography as a technology is also used in verifiable credentials, another term for certification that can be used for identity confirmation or claim confirmation.