4.1 Compare and contrast identity and access management concepts. Flashcards
What is the concept of uniquely naming and referencing each individual user, program, and system component?
Identity
Identification
The assertion or claiming of an identity
Authentication
The act of proving or verifying the claimed identity
Authorization
The mechanism that controls what a subject can or can’t do with their access.
Accounting
A record that is preserved of who accessed the network, what resources they accessed, and when they disconnected from the network.
Multifactor Authentication
The requirement that a user must provide two or more authentication factors in order to prove their identity.
Federation or Federated Identity
a means of linking a subject’s accounts from several sites, services, or entities in to a single account. SAML
Single Sign-On (SSO)
means that once a user is authenticated into the domain or network, they don’t need to reauthenticate to access resources on any domain or network entity.
Number 1 multifactor authentication in the world is
CAC and PIN
type 1 authentication
Something you know (PIN/Password)
type 2 authentication
Something you have (CAC/Token)
type 3 authentication
Something you are (Fingerprint/Iris)
Something you do
An action you take (How you sign your signature)
Somewhere you are
(Geo-location) Where you are located physically
Kerberos
SSO for remote access.