Identity - the primary security perimeter Flashcards
What is an identity?
Things that define/characterize a person or something
What can identity be associated with?
User
application
device
Other
What are the four pillars of identity infrastructure?
Administration - creating/managing identities for users, devices and services
Authentication- proving a person is who they say they are
Authorization - deciding what that person can do
Auditing - tracking who does what/ reports and alerts
What are the 3 entities of modern authentication?
Servers
Clients
Identity providers (IdP)
What is the use of an Identity Provider (IdP)?
they create, maintain and manage identity information while offering authentication, authorization and auditing services
What is the role of a token given to the client by the IdP?
the security token is given to the client (mobile/laptop) and is then sent to the server. The server then validates the security token via its “trust relationship” with the IdP.
The token allows the user/application to access the requested resources
What is an example of a cloud based IdP?
Microsoft Entra ID
What is single sign on (SSO)?
user is able to log in once with one set of credentials that will allow access to multiple applications or resources
What is the term given to SSO between multiple IdPs?
Federation