SlideShare una empresa de Scribd logo

Identity & access management

V
Vandana Verma

Identity & access management

Tecnología
1 de 11
Identity & Access Management(IAM) IAM Introduction and Concepts associated By Aastha Sahni
Introduction • IAM is an essential function for protecting the privacy of information, enhancing user experience, enabling accountability, and controlling access to an organization’s assets. • IAM is the collection of processes and technology used to manage digital identities and the resource access provided through them.
IAM Associated Terms • Identity • Entitlements • Account • Scope • Workgroups • Workflows • Roles • Reconciliation • Provisioning • Integration services – like ServiceNow.
How Access Management works Lets start with a basic understanding how access management works in digital world: • An identity in digital world is identified as a unique user. • Each identity has an account on a application to which is onboarded. • Each identity has right to request for access (access request) for application’s entitlements on which they have account. • Each identity access request is approved by a approver. • Certifications or roaster reviews are there to review access. • Auditing & reports are part of audit log trails and monitoring reports generation. • Provisioning and de-provisioning is performed as part of grant/revoke access in a target system through IAM mechanism.
Access Management Some of the components of Access Management: • Establishing unique identities and associated authentication credentials. • Authoritative source is maintained as a central repository for storage. • Providing capability to identities to request entitlements. • Assigning roles or entitlements to identities. • Managing offboarding and other business work processes by workflows. • Providing capability to approve, revoke, review or certify entitlements or roles assigned to users.
Identity & Access Governance
IAM Framework functioning – Identity Request • Once an identity is onboarded into a IAM system, it has an account on the application to which its access needs to be managed. • Entitlements are present in the IAM framework through the process of direct or indirect aggregation. • Identity raises an access request for an entitlement which is thereafter approved by the respective supervisor or approver. • Each access request is associated with a provisioning plan how the request will be processed. • Once approved, the granted access is provisioned at the target end and the entitlement granted to the identity will be aggregated in the next aggregation process. • Each event triggered for an identity like creation, deletion, job change, modification etc calls for a business process known as workflow in terms of IAM. • Each workflow works as set of logical process through which all IAM business processes are implemented at the backend.
IAM Framework functioning – Roles & Rules Management • Roles are another way of providing access to an identity, where roles are either assigned or detected. • Roles can be of any type from organisational to entitlement level. • Roles can have inheritance property as well, overlapping of roles is also allowed. • Rules are logic which can be written in scripting language, Boolean operations etc which are implemented at runtime from the executing module. • Rules are customized and are implemented specifically to cater certain security or business requirement.
IAM Framework functioning: Aggregation & Provisioning • Target application data is pulled into IAM framework through aggregation process. Provisioning on other hand is defined as the process of granting/revoking access in target system. • Aggregation is the process of connecting the IAM framework to the target application database through logical connections implemented through integrating services. • Certain applications which are not connected to IAM framework directly, there aggregation process and provisioning mechanism is customized as per the business requirement and indirect integrating services
IAM Framework functioning – Certifications • Certifications refers to access review or access roaster mechanism. • Certifications are performed over a period of time monthly, quarterly and annually as per requirement. • For performing certification a certifier is assigned certain work items which contains access of various identities. • The purpose of certifications is to review appropriate access and to check if there is any inappropriate access which should be revoked.
IAM tool – SailPoint • Gartner’s SailPoint is one of the leading IAM and IAG tool. • It is an open identity management platform (from 7.0 release) which provides modern security. • SailPoint provides the most flexible and user friendly IAM framework. • SailPoint manages user applications on premises as well as on cloud. • SailPoint has three major solutions : • IdentityIQ (On-premises Access Management solution) • IdentityNow (Cloud based Access Management solution) • SecurityIQ (Security to unstructured data)

Recomendados

Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Aujas
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseLance Peterman
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 

Recomendados

Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Aujas
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseLance Peterman
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access ManagementSam Bowne
 
Iam presentation
Iam presentationIam presentation
Iam presentationAWS UG PK
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Identacor
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 
Identity and access management
Identity and access managementIdentity and access management
Identity and access managementPiyush Jain
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management StrategyNetIQ
 
Identity & Access Governance
Identity & Access GovernanceIdentity & Access Governance
Identity & Access GovernanceHorst Walther
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelSarah Moore
 
CyberArk
CyberArkCyberArk
CyberArkJimmy Sze
 
Identity and Access Management - Data modeling concepts
Identity and Access Management - Data modeling conceptsIdentity and Access Management - Data modeling concepts
Identity and Access Management - Data modeling conceptsAlain Huet
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Amazon Web Services
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptxMoshe Ferber
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Jack Forbes
 
SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewITJobZone.biz
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptxAnand Dhouni
 

Más contenido relacionado

La actualidad más candente

5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access ManagementSam Bowne
 
Iam presentation
Iam presentationIam presentation
Iam presentationAWS UG PK
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Identacor
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 
Identity and access management
Identity and access managementIdentity and access management
Identity and access managementPiyush Jain
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management StrategyNetIQ
 
Identity & Access Governance
Identity & Access GovernanceIdentity & Access Governance
Identity & Access GovernanceHorst Walther
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelSarah Moore
 
Identity and Access Management - Data modeling concepts
Identity and Access Management - Data modeling conceptsIdentity and Access Management - Data modeling concepts
Identity and Access Management - Data modeling conceptsAlain Huet
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Amazon Web Services
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptxMoshe Ferber
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Jack Forbes
 

La actualidad más candente (20)

5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access Management
 
Iam presentation
Iam presentationIam presentation
Iam presentation
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your Business
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101
 
Identity and access management
Identity and access managementIdentity and access management
Identity and access management
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
 
Identity & Access Governance
Identity & Access GovernanceIdentity & Access Governance
Identity & Access Governance
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity Model
 
CyberArk
CyberArkCyberArk
CyberArk
 
Identity and Access Management - Data modeling concepts
Identity and Access Management - Data modeling conceptsIdentity and Access Management - Data modeling concepts
Identity and Access Management - Data modeling concepts
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management Journey
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity Management
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
 
SSO introduction
SSO introductionSSO introduction
SSO introduction
 

Similar a Identity & access management

Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewITJobZone.biz
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptxAnand Dhouni
 
Evolveum: All you need to know about identity & access management
Evolveum: All you need to know about identity & access managementEvolveum: All you need to know about identity & access management
Evolveum: All you need to know about identity & access managementEvolveum
 
Managing Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | SysforeManaging Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | SysforeSysfore Technologies
 
Identity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsIdentity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsEryk Budi Pratama
 
Identity and Access Management (IAM) in Cloud Computing
Identity and Access Management (IAM) in Cloud ComputingIdentity and Access Management (IAM) in Cloud Computing
Identity and Access Management (IAM) in Cloud ComputingCiente
 
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 
Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns WSO2
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...IBM Security
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industryAjit Dadresa
 
Sailpoint Identity IQ Online Training.pptx
Sailpoint Identity IQ Online Training.pptxSailpoint Identity IQ Online Training.pptx
Sailpoint Identity IQ Online Training.pptxJayanthvisualpath
 

Similar a Identity & access management (20)

Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overview
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx
 
Evolveum: All you need to know about identity & access management
Evolveum: All you need to know about identity & access managementEvolveum: All you need to know about identity & access management
Evolveum: All you need to know about identity & access management
 
Co p
Co pCo p
Co p
 
Co p
Co pCo p
Co p
 
Managing Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | SysforeManaging Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | Sysfore
 
Identity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsIdentity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOps
 
Identity and Access Management (IAM) in Cloud Computing
Identity and Access Management (IAM) in Cloud ComputingIdentity and Access Management (IAM) in Cloud Computing
Identity and Access Management (IAM) in Cloud Computing
 
IDSA at Denver IAM Meetup
IDSA at Denver IAM MeetupIDSA at Denver IAM Meetup
IDSA at Denver IAM Meetup
 
Silicon Valley IDSA Meetup October 2018
Silicon Valley IDSA Meetup October 2018 Silicon Valley IDSA Meetup October 2018
Silicon Valley IDSA Meetup October 2018
 
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business Case
 
Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
 
Tuebora Self Driven IAM
Tuebora Self Driven IAMTuebora Self Driven IAM
Tuebora Self Driven IAM
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
IDSA at Charlotte IAM Meetup
IDSA at Charlotte IAM MeetupIDSA at Charlotte IAM Meetup
IDSA at Charlotte IAM Meetup
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industry
 
Sailpoint Identity IQ Online Training.pptx
Sailpoint Identity IQ Online Training.pptxSailpoint Identity IQ Online Training.pptx
Sailpoint Identity IQ Online Training.pptx
 

Más de Vandana Verma

Building security into the pipelines
Building security into the pipelinesBuilding security into the pipelines
Building security into the pipelinesVandana Verma
 
Applying OWASP web security testing guide (OWSTG)
Applying OWASP web security testing guide (OWSTG)Applying OWASP web security testing guide (OWSTG)
Applying OWASP web security testing guide (OWSTG)Vandana Verma
 
Running an app sec program with OWASP projects_ Defcon AppSec Village
Running an app sec program with OWASP projects_ Defcon AppSec VillageRunning an app sec program with OWASP projects_ Defcon AppSec Village
Running an app sec program with OWASP projects_ Defcon AppSec VillageVandana Verma
 
SARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalSARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalVandana Verma
 
Sacon 2020 living in the world of zero trust v1.0
Sacon 2020 living in the world of zero trust v1.0Sacon 2020 living in the world of zero trust v1.0
Sacon 2020 living in the world of zero trust v1.0Vandana Verma
 
Addo 2019 vandana_dev_secops_culturalchange
Addo 2019 vandana_dev_secops_culturalchangeAddo 2019 vandana_dev_secops_culturalchange
Addo 2019 vandana_dev_secops_culturalchangeVandana Verma
 
App Sec village DevSecOps as a culture
App Sec village DevSecOps as a cultureApp Sec village DevSecOps as a culture
App Sec village DevSecOps as a cultureVandana Verma
 
Web sockets - Pentesting
Web sockets - Pentesting Web sockets - Pentesting
Web sockets - Pentesting Vandana Verma
 
Story of http headers
Story of http headersStory of http headers
Story of http headersVandana Verma
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & complianceVandana Verma
 
Basics of Server Side Template Injection
Basics of Server Side Template InjectionBasics of Server Side Template Injection
Basics of Server Side Template InjectionVandana Verma
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor NeutralityVandana Verma
 
Getting started with android
Getting started with androidGetting started with android
Getting started with androidVandana Verma
 
Importance of Penetration Testing
Importance of Penetration TestingImportance of Penetration Testing
Importance of Penetration TestingVandana Verma
 
Chariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsChariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsVandana Verma
 
OWASP - Dependency Check
OWASP - Dependency CheckOWASP - Dependency Check
OWASP - Dependency CheckVandana Verma
 
Incident response in Cloud
Incident response in CloudIncident response in Cloud
Incident response in CloudVandana Verma
 

Más de Vandana Verma (18)

Building security into the pipelines
Building security into the pipelinesBuilding security into the pipelines
Building security into the pipelines
 
Applying OWASP web security testing guide (OWSTG)
Applying OWASP web security testing guide (OWSTG)Applying OWASP web security testing guide (OWSTG)
Applying OWASP web security testing guide (OWSTG)
 
Running an app sec program with OWASP projects_ Defcon AppSec Village
Running an app sec program with OWASP projects_ Defcon AppSec VillageRunning an app sec program with OWASP projects_ Defcon AppSec Village
Running an app sec program with OWASP projects_ Defcon AppSec Village
 
SARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalSARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma Sehgal
 
Sacon 2020 living in the world of zero trust v1.0
Sacon 2020 living in the world of zero trust v1.0Sacon 2020 living in the world of zero trust v1.0
Sacon 2020 living in the world of zero trust v1.0
 
Addo 2019 vandana_dev_secops_culturalchange
Addo 2019 vandana_dev_secops_culturalchangeAddo 2019 vandana_dev_secops_culturalchange
Addo 2019 vandana_dev_secops_culturalchange
 
App Sec village DevSecOps as a culture
App Sec village DevSecOps as a cultureApp Sec village DevSecOps as a culture
App Sec village DevSecOps as a culture
 
Oscp - Journey
Oscp - JourneyOscp - Journey
Oscp - Journey
 
Web sockets - Pentesting
Web sockets - Pentesting Web sockets - Pentesting
Web sockets - Pentesting
 
Story of http headers
Story of http headersStory of http headers
Story of http headers
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & compliance
 
Basics of Server Side Template Injection
Basics of Server Side Template InjectionBasics of Server Side Template Injection
Basics of Server Side Template Injection
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor Neutrality
 
Getting started with android
Getting started with androidGetting started with android
Getting started with android
 
Importance of Penetration Testing
Importance of Penetration TestingImportance of Penetration Testing
Importance of Penetration Testing
 
Chariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsChariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_Infosecgirls
 
OWASP - Dependency Check
OWASP - Dependency CheckOWASP - Dependency Check
OWASP - Dependency Check
 
Incident response in Cloud
Incident response in CloudIncident response in Cloud
Incident response in Cloud
 

Último

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 

Último (20)

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 

Identity & access management

  • 1. Identity & Access Management(IAM) IAM Introduction and Concepts associated By Aastha Sahni
  • 2. Introduction • IAM is an essential function for protecting the privacy of information, enhancing user experience, enabling accountability, and controlling access to an organization’s assets. • IAM is the collection of processes and technology used to manage digital identities and the resource access provided through them.
  • 3. IAM Associated Terms • Identity • Entitlements • Account • Scope • Workgroups • Workflows • Roles • Reconciliation • Provisioning • Integration services – like ServiceNow.
  • 4. How Access Management works Lets start with a basic understanding how access management works in digital world: • An identity in digital world is identified as a unique user. • Each identity has an account on a application to which is onboarded. • Each identity has right to request for access (access request) for application’s entitlements on which they have account. • Each identity access request is approved by a approver. • Certifications or roaster reviews are there to review access. • Auditing & reports are part of audit log trails and monitoring reports generation. • Provisioning and de-provisioning is performed as part of grant/revoke access in a target system through IAM mechanism.
  • 5. Access Management Some of the components of Access Management: • Establishing unique identities and associated authentication credentials. • Authoritative source is maintained as a central repository for storage. • Providing capability to identities to request entitlements. • Assigning roles or entitlements to identities. • Managing offboarding and other business work processes by workflows. • Providing capability to approve, revoke, review or certify entitlements or roles assigned to users.
  • 6. Identity & Access Governance
  • 7. IAM Framework functioning – Identity Request • Once an identity is onboarded into a IAM system, it has an account on the application to which its access needs to be managed. • Entitlements are present in the IAM framework through the process of direct or indirect aggregation. • Identity raises an access request for an entitlement which is thereafter approved by the respective supervisor or approver. • Each access request is associated with a provisioning plan how the request will be processed. • Once approved, the granted access is provisioned at the target end and the entitlement granted to the identity will be aggregated in the next aggregation process. • Each event triggered for an identity like creation, deletion, job change, modification etc calls for a business process known as workflow in terms of IAM. • Each workflow works as set of logical process through which all IAM business processes are implemented at the backend.
  • 8. IAM Framework functioning – Roles & Rules Management • Roles are another way of providing access to an identity, where roles are either assigned or detected. • Roles can be of any type from organisational to entitlement level. • Roles can have inheritance property as well, overlapping of roles is also allowed. • Rules are logic which can be written in scripting language, Boolean operations etc which are implemented at runtime from the executing module. • Rules are customized and are implemented specifically to cater certain security or business requirement.
  • 9. IAM Framework functioning: Aggregation & Provisioning • Target application data is pulled into IAM framework through aggregation process. Provisioning on other hand is defined as the process of granting/revoking access in target system. • Aggregation is the process of connecting the IAM framework to the target application database through logical connections implemented through integrating services. • Certain applications which are not connected to IAM framework directly, there aggregation process and provisioning mechanism is customized as per the business requirement and indirect integrating services
  • 10. IAM Framework functioning – Certifications • Certifications refers to access review or access roaster mechanism. • Certifications are performed over a period of time monthly, quarterly and annually as per requirement. • For performing certification a certifier is assigned certain work items which contains access of various identities. • The purpose of certifications is to review appropriate access and to check if there is any inappropriate access which should be revoked.
  • 11. IAM tool – SailPoint • Gartner’s SailPoint is one of the leading IAM and IAG tool. • It is an open identity management platform (from 7.0 release) which provides modern security. • SailPoint provides the most flexible and user friendly IAM framework. • SailPoint manages user applications on premises as well as on cloud. • SailPoint has three major solutions : • IdentityIQ (On-premises Access Management solution) • IdentityNow (Cloud based Access Management solution) • SecurityIQ (Security to unstructured data)