Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 01_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 4 - 02 - Discuss Identity and Access Management (IAM) PDF
- Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 08_ocred.pdf
- Chapter 4 - 02 - Discuss Identity and Access Management (IAM)_fax_ocred.pdf
- Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 01_ocred_fax_ocred.pdf
- Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 02_ocred_fax_ocred.pdf
- Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 07_ocred_fax_ocred.pdf
Full Transcript
Certified Cybersecurity Technician Identification, Authentication, and Authorization Exam 212-82 Module Discuss Access Control Principles, Terminologies, and Models !. l \ Flow i. Discuss Identity and Access Management (IAM) L All Rights Reserved. Reproduction is Strictly Prohibited Discuss Identity...
Certified Cybersecurity Technician Identification, Authentication, and Authorization Exam 212-82 Module Discuss Access Control Principles, Terminologies, and Models !. l \ Flow i. Discuss Identity and Access Management (IAM) L All Rights Reserved. Reproduction is Strictly Prohibited Discuss Identity and Access Management (IAM) In an enterprise security, Identity and Access Management (IAM) plays an important role. It ensures that only authorized users have access to the network resources. The objective of this section is to explain the role of IAM and the security terminologies associated with it. Module 04 Page 463 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization Identity and Access Management O (IAM) 1AM is responsible for providing the right individual with right access at the right time Access Management V | Authentication Authorization Identity Management Identity Repository | Identity Management Copyright © by EC L All Rights Reserved. Reproductionis Strictly Prohibited 1 Identity and Access Management (IAM) (Cont’d) System Requester E a; ' Administrator App 3 3 ‘ Application Identity Management (iom) Application | — | ‘ i Identity. Repository | : Iy Human Resource L —8 |e——ro e Access ' —| - Management (Am) Application - i @.‘ e 3 (HR) Customer relationship management (cRM) Application. Application [¢+— g [ } Users Copyright © by EC- cil All Rights Reserved. Reproduction is Strictly Prohibited Identity and Access Management (IAIM) Identity and access management (IAM) is responsible for providing the right individual with the right access at the right time. It offers a role-based access control to the customers or employees of an organization for accessing critical information within the enterprise. It comprises of business processes, policies, and technologies that allow monitoring electronic or digital identities. IAM products provide the system administrators with tools and technologies for regulating user access (i.e., creating, managing, and removing access) to systems or Module 04 Page 464 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization networks based on the roles of individual users within the enterprise. Organizations generally prefer an all-in-one authentication implementation which can be extended to identity a federation. This is because the identity federation includes IAM with a single sign-on (SSO) and a centralized active directory (AD) account for a secured management. Organizations should ensure the correctness of data for the proper functioning of the IAM framework. An IAM framework can be divided into four areas, namely, authentication, authorization, user management, and central user repository/identity repository. All the IAM components are grouped under these four areas. Access Management Authentication Authorization Identity Management Identity Repository Identity Management Figure 4.7: 1AM Classification Working of an IAM: System Requester Administrator Approver & Identity oA Management (1DM) E Application Application - ry |¢—— — » ldentity Repository z Access iSRS Py " Human Management ~| Application |[¢+—— (AM) @ Resource (HR) Customer relationship management (CRM) —3 Application Application Users Figure 4.8: Working of IAM The key responsibility of the identity management (IDM) framework is to manage the shared identity repository that is being accessed by the applications and the access management system. Module 04 Page 465 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Identification, Authentication, and Authorization Exam 212-82 Identity O Identity refers to a set of attributes linked to an entity that can be stored and authenticated digitally User Identification Verifies user id