Abstract

Identity and access management (IAM) done right, could be a key catalyst in building a successful business in the era of digital transformation. IAM addresses the mission-critical needs to ensure appropriate access to resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements. IAM as a security practice is a crucial undertaking for any enterprise. It is increasingly business-aligned and in addition to technical expertise, requires business skills.

There are multiple components in an IAM system: provisioning (or on-boarding), accounts management, identity governance, identification (or authentication), access control (or authorization) and identity federation. IAM is a broad area, hence these components can be further divided into specific sub-components. For instance, provisioning alone focuses on inbound/outbound provisioning of user accounts, just-in-time provisioning, approval workflows  while  accounts management talks about privileged accounts management, credential management, users/groups/roles management.

This white paper will focus more on the low-level design principles an IAM architect must consider when building an IAM infrastructure from ground-up.

Links

https://wso2.com/whitepapers/identity-architect-ground-rules-ten-iam-design-principles/

Citation

Siriwardena, P., 2017. Identity Architect Ground Rules: Ten IAM Design Principles (White Paper). WSO2.