Identity and Access Management


  • Identity
    • An identity is the unique identifier of an entity.
    • An entity is anything that exists or comes into being.
  • Identification
    • Identification is the process by which a subject professes or presents its identity to the authentication server.
  • Authentication
    • Authentication is the process by which the authentication server verifies, against the directory or account repository, whether the identity presented by the subject is authentic.
    • An access token is returned if the authentication succeeds.
  • Authorization
    • Authorization is the process for the service or resource provider to determine if the access request can be granted to the subject based on the access token presented and the access control matrix.
  • Accounting
    • Accounting is the process by which the service or resource provider generates records or logs of the subject’s activities so that accountability can be enforced.
  • Session
    • A session is a two-way communication over a period of time with specific start and closure times.
    • It’s common for applications to track user activities during the session from logging in to logging out.
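
The chain defined above, from identification through accounting, as an added Python sketch that is not part of the original page. The account names, passwords, resource name, HMAC-signed token format and helper names are all constructed for illustration; the token's expiry stands in for the session's closure time.

```python
import base64, hashlib, hmac, json, secrets, time

# Constructed sample data; every name and value here is an assumption.
SERVER_KEY = secrets.token_bytes(32)   # signing key known to server and provider
SALT = b"constructed-salt"             # a real repository uses one salt per account

def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

def _sign(body):
    return hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest().encode()

ACCOUNTS = {"alice": _hash("correct horse"), "bob": _hash("hunter2")}  # account repository
ACM = {("alice", "payroll.db"): {"read", "write"},                      # access control matrix
       ("bob", "payroll.db"): {"read"}}
AUDIT_LOG = []                                                          # accounting records

def authenticate(identity, password, ttl=900, now=None):
    """Identification and authentication: return an access token, or None."""
    now = time.time() if now is None else now
    stored = ACCOUNTS.get(identity)
    candidate = _hash(password)        # hash first so unknown identities cost the same
    if stored is None or not hmac.compare_digest(candidate, stored):
        return None
    claims = {"sub": identity, "exp": now + ttl}   # exp bounds the session
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return (body + b"." + _sign(body)).decode()

def authorize(token, resource, action, now=None):
    """Authorization and accounting: decide, log the decision, return it."""
    now = time.time() if now is None else now
    subject, granted = None, False
    body, _, tag = (token or "").encode().partition(b".")
    if hmac.compare_digest(_sign(body), tag):      # reject forged or altered tokens
        claims = json.loads(base64.urlsafe_b64decode(body))
        subject = claims["sub"]
        granted = now < claims["exp"] and action in ACM.get((subject, resource), set())
    AUDIT_LOG.append({"time": now, "subject": subject, "resource": resource,
                      "action": action, "granted": granted})
    return granted

if __name__ == "__main__":
    token = authenticate("alice", "correct horse")
    print(authorize(token, "payroll.db", "write"))
    print(authorize(token, "payroll.db", "delete"))
    print(AUDIT_LOG)
```

Denied requests are logged as well as granted ones, and a token that fails verification is recorded with no subject, since an unverified claim cannot be attributed to anyone.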
