Identity and Access Management

Identity Access Management

Definition:

"Identity and Access Management (IAM) is an administrative process coupled with a technological solution which validates the identity of individuals and allows owners of data, applications, and systems to either maintain centrally or distribute responsibility for granting access to their respective resources to anyone participating within the IAM framework."(1)

How it started:

The world is changing and every day new technology boom out from nowhere, therefore the competition in the market place is becoming strong and every company is competing aggressively to reach their goals. Therefore; every company needs a security system that impose polices, which helps the firm in controlling it working place and keeping their internal sensitive information between the hands of trusted people.

The important of identity access management wasn't only based on the privet cooperation it also, used for governmental needs. Identity management increased after President Bush issued Homeland Security Presidential Directive 12 in 2004, which required that every employee have credentials which include a chip that has all the person information in it and what he is authorized to access. The IAM is developing, and the implementation of the system is increasing all around the world, the reason behind it, is to control the employee movement and access in the cooperation system. (2)

The function components:

The user enter the software, the business process will accept or reject the access to the digital or physical resources of the company, it's the function where establishing and retiring identities for accessing the system, and its considered to be auditable process, that can be adjusted (use provisioning). User after that will be allocated to resources, the software can access all individual information using a management model (access management) .An employee (delegated administration) will grant the responsibility to have the control on particular group ,he will have the authority to modify, add, and delete the users. The employees are allowed to great their account and modify it whenever they need (self registration self service).The identity change -request approval process will be controlled (work flow) .System can trace the user work, and report all the information access by an individual (auditing, logging, and reporting). User name will be confirmed by a password or other trust model (authentication).The system can use integrality function to link multiple users in one group for easier work flow (integration).(1)