This article lists the most common IAM system terms to give you better insight into how IAM systems work and to help you navigate them.
This is the security clearance, or extent of permissions, granted to a user. Think of it as the key cards used for physical security, where every sector has a minimum level needed and an identity's level of clearance determines how much of the facility it can access.
This is a kind of authentication that scans the unique features of a user, such as fingerprint scans, voice recognition, facial recognition, or iris and retina scans. It is an additional layer of security that makes sure the only person accessing the user's data is the user himself.
These are the details that help in gaining access to the network, such as biometric data or a password.
- Digital Identity
Digital identity is the unique identifier of the user. It is linked to all of the user's information, such as the roles they are assigned and the devices from which they access the network.
- Multi-factor Authentication or MFA or 2FA
Multi-factor authentication uses different forms of authentication to verify that the user trying to access the network via the digital identity is, in fact, that user. An example of Multi-factor Authentication or MFA or 2FA is requiring users to provide their password and biometric data such as a fingerprint scan, a code sent via SMS to their phone or by email, or a physical key such as a smart card or USB stick that contains access codes stored inside the medium.
- Risk based Authentication or RBA
Risk based Authentication or RBA adjusts dynamically to the environment from which the user signs in, asking for extra forms of authentication if a user tries to sign in to the network from a new IP address or from a geographic area from which they don't usually access the account. This is where MFA approaches come in handy.
- Single Sign-on or SSO
Single Sign-on or SSO lets users enter their credentials to access the network and then gives them permission to access any other services or resources in the network where they have privileges, with no extra authentication for every service they wish to use.
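
The Risk based Authentication entry above describes a decision that can be sketched in code. This is an added example, not taken from any IAM product: the `LoginHistory` model, the function names, the /24 and /64 network grouping and the sample addresses are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class LoginHistory:
    """Contexts already seen for one digital identity (hypothetical model)."""
    networks: set = field(default_factory=set)   # network prefixes seen before
    countries: set = field(default_factory=set)  # country codes seen before

def network_of(ip):
    # Assumption: group addresses by /24 (IPv4) or /64 (IPv6) so that routine
    # address churn inside one network does not look like a "new IP address".
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 64
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def assess_login(history, ip, country, mfa_passed=False):
    """Return (decision, reasons) for a login whose password already checked out."""
    reasons = []
    net = network_of(ip)
    if net not in history.networks:
        reasons.append("new_ip")
    if country not in history.countries:
        reasons.append("unusual_location")
    if reasons and not mfa_passed:
        # Risky context without a second factor: ask for extra authentication
        # and do NOT learn the context, so a stolen password alone cannot
        # teach the system to trust the attacker's network.
        return "step_up_mfa", reasons
    # Familiar context, or MFA succeeded: allow and remember this context.
    history.networks.add(net)
    history.countries.add(country)
    return "allow", reasons

if __name__ == "__main__":
    # Constructed sample logins using documentation address ranges.
    h = LoginHistory()
    print(assess_login(h, "203.0.113.10", "DE"))                   # first sight
    print(assess_login(h, "203.0.113.10", "DE", mfa_passed=True))  # after MFA
    print(assess_login(h, "203.0.113.77", "DE"))                   # same network
    print(assess_login(h, "198.51.100.5", "DE"))                   # new network
```

An empty history treats the very first login as risky, so enrollment always passes through a second factor.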