The Origins of IAM
Title | The Origins of IAM |
---|---|
Contributors |
|
Version |
|
Summary | In this note, I try to describe the origin of IAM in computer science. |
TODO | Prepare a time line check for the first known occurrences of key IAM terms Complement this note with key historical moments in computer science history Establish a timeline of key IAM historical events |
See Also |
|
Timeline
Key IAM Historical Events
In 1967, Petersen and Turn observed that, with the advance of computer time-sharing technology, simultaneous access by remote users was becoming possible and this naturally posed the question of protecting the programs and data of one user from the unauthorized access of the other users. Until then, the question of protecting systems from information disclosure caused by accidental reasons such as bugs had been studied, but sparse attention had been given until then to protecting systems from deliberate actions from users, including active infiltration using legitimate access to “browse” unauthorized files or “masquerading” the identity of others. The authors used the expression Access Management to designate the set of authorization, identification and authentication procedures and the Access Control to designate the mechanism that limits access to files based on a maintained list of authorized users. They advised that access should only be permitted on the basis of an authenticated "need to know”. This seminal article may be viewed as one possible origin of a complex field of study that some call today Identity and Access Management, or IAM.
Bibliography
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.