Identity and Access Management Flashcards
IAM (Identity and Access Management)
is a framework of policies, processes, and technologies that is used to manage digital identities and control user access to resources within an organization
SSO Single Sign-on
is an authentication process that allows users to access multiple applications or services with a single set of credentials (username and password).
LDAP ( Lightweight Directory Access Protocol)
is a protocol used for accessing and managing directory information over a network. It is commonly used for authentication and authorization purposes, allowing applications to connect to a directory service to retrieve user and resource information.
X.500 Directory Information Tree
is a series of standards specified by the International Telecommunication Union (ITU) for directory services, which define how to structure and access directory information. At the core of X.500 is the Directory Information Tree (DIT), which organizes and stores directory entries in a hierarchical structure.
SAML Security Assertion Markup Language
is an open standard for exchanging authentication and authorization data between parties, particularly between an identity provider (IdP) and a service provider (SP). SAML is primarily used for Single Sign-On (SSO) scenarios
OAuth
is an open standard for access delegation commonly used for token-based authentication and authorization on the internet. It allows third-party applications to obtain limited access to a user’s resources without exposing their credentials. OAuth is widely used by various web services, enabling users to grant access to their data stored on one site to another site without sharing their passwords
Federation
refers to the establishment of a trust relationship between multiple identity providers (IdPs) and service providers (SPs) that allows users to authenticate and access resources across different domains or organizations seamlessly. Federation enables Single Sign-On (SSO) capabilities across disparate systems, facilitating a smoother user experience and improved security.
Interoperability
refers to the ability of different systems, applications, or organizations to work together and communicate effectively. In the context of technology and information systems, interoperability ensures that diverse software and hardware components can exchange data and use the information that has been exchanged without requiring special effort by the user.