Skip to content

Latest commit

 

History

History

access-management

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
oauth2.0.md
oauth2.0.md
 
 

README.md

Access Management

Source:

1. Introduction

Access Management is a security practice that focuses on controlling and monitoring access to data, resources, and systems within an organization. It helps make sure that only explicitly authorized individuals have appropriate permissions to access specific information or perform certain tasks.

Access management typically involves user authentication, role-based access control, and the enforcement of access policies. By implementing an effective access management system, organizations can reduce unauthorized access risks, data breaches.

2. How an Access Management Systems Works?

Access management is a process that involves several key steps:

  • Authentication: the process of verifying the identity of a user, typically through a username and password, or through more advanced methods such as biometrics or multi-factor authentication.
  • Authorization: the process of determining what resources and information a user is authorized to access, based on their role, permissions, and access levels. This involves checking the user's credentials against a database of authorized users, and verifying that the user has the necessary permissions to access the requested resources.
  • Access control: the process of granting or denying access to resources and information based on the user's authorization. Access control mechanisms may include access control lists (ACLs), role-based access control (RBAC), or attributed-based access control (ABAC).
  • User management: involves creating, modifying, and deleting user accounts, and managing user attributes such as roles, permissions, and access levels. User management also involves enforcing policies for password management, account lockout, and user account maintenance.
  • Preventing unauthorized access.

3. Access Management Methods and Protocols

  • Role-based access control (RBAC).
  • Attribute-based access control (ABAC)
  • Policy-based access control (PBAC).
  • Single Sign-On (SSO).
  • Open Authorization (OAuth).
  • OpenID Connect (OIDC).
  • Lightweight Directory Access Protocol (LDAP).
  • Security Assertion Markup Language (SAML).
  • Web Authentication API (WebAuthn).

4. Types of Access Management Solutions

  • Identity and Access Management (IAM): a comprehensive approach to managing and securing user identities, access rights, and authentication within an organization.
  • Privileged Access Management (PAM): focuses specifically on securing and controlling access to highly sensitive systems, resources, and data that require elevated permissions, often referred to as “privileged” access.
  • Customer Identity and Access Management (CIAM): a specialized IAM solution designed to manage and secure the digital identities, access rights, and customer data of external users, such as customers, partners, or clients.
  • Identity Governance and Administration (IGA): IGA focus on the management, governance, and compliance aspects of access management.