<  Terminology  >

IAM Terminology

Online definitions of IAM terms and concepts

  • IAM

    IAM

    Identity and Access Management
  • Identity Federation

    Identity Federation

    Mutual trust of different identity sources
  • 2C

    2C

    To Customers Identity management
  • 2B

    2B

    To Business Partners identity management
  • 社交认证

    社交认证

    指应用身份验证通过与社交软件互信,用社交软件进行身份验证的技术,如微信、QQ、微博、钉钉等。
  • 用户画像

    用户画像

    提供多维度基础属性、到访意图及行业变化趋势,帮助用户洞悉目标群体,锁定热点走向,优化内容运营,并可通过全网分析洞察潜在流量,深度挖掘画像价值。
  • 数字身份

    数字身份

    Digital Identity,在数字世界中,通过IAM技术将物理世界身份与数字世界的身份进行映射,是个人、组织或设备在网络空间中使用的在线或网络身份。
  • SCIM

    SCIM

    System for Cross-domain Identity Management
  • 身份认证

    身份认证

    通过CA数字证书、指纹、动态口令等不同的安全认证方式解决“你是谁”的身份验证与识别问题。
  • 2E

    2E

    To Employees identity management
  • 融合认证

    融合认证

    旨在打造一套通用的认证平台,组织可以通过统一架构快速获取不同的认证方法(包括生物识别认证、非生物认证、标准认证协议)新的认证服务即插即用,并可提供统一API,一次对接,全局使用,同时框架提供灵活认证编排、认证安全等级划分,方便组织灵活调度认证方式。
  • 设备指纹

    设备指纹

    指可以用于唯一标识出该设备的设备特征或者独特的设备标识,通过获取关联设备的硬件、系统、网络、状态等信息,通过专有加密算法,赋予其唯一的设备标识符,并注册为信任设备,将用户身份与设备指纹信息进行关联、绑定,提升认证安全等级。
  • IDM

    IDM

    Identity Management
  • CAS

    CAS

    Central Authentication Service
  • 身份凭证

    身份凭证

    指用户用以获取信息资源访问权的标识,如用户的口令、公钥基础设施(PKI)证书,生物特征信息(指纹、虹膜、人脸、声纹等)。
  • IoT IDM

    IoT IDM

    Identity management of Internet of things
  • FIDO

    FIDO

    Fast IDentity Online
  • UBA

    UBA

    User Behavior Analytics
  • AM

    AM

    Access Management
  • OAuth2.0

    OAuth2.0

    是一个开放标准,允许用户授权第三方移动应用访问他们存储在另外的服务提供者上的信息,而不需要将用户名和密码提供给第三方移动应用或分享他们数据的所有内容。
  • 孤儿账号

    孤儿账号

    又称幽灵账号,系统中存在但无法被关联到具体人员的账号。
  • 用户生命周期管理

    用户生命周期管理

    是指维护和更新数字身份的一整套过程和技术,实现员工入职、调岗、离职、返聘、退休等人事变动过程中身份同步、配置、撤销和对用户属性、凭证及权益的管理,实现企业数字身份的常态化、精准化、自动化、安全化管理。
  • ABAC

    ABAC

    Attribute Base Access Control
  • 有效账号

    有效账号

    指可关联到具体人员且经常使用,同时需满足组织内部账号管理规范。
  • AD

    AD

    Active Directory
  • TBAC

    TBAC

    Task based access control
  • IDaaS

    IDaaS

    Identity as a Service
  • RBAC

    RBAC

    Role-Based Access Control
  • SSO

    SSO

    Single Sign On
  • SAML

    SAML

    Security Assertion Markup Language
  • 重复账号

    重复账号

    指在应用系统有一个以上账号被同时使用。
  • 权限管理

    权限管理

    指根据系统设置的安全规则或者安全策略,用户可以访问而且只能访问自己被授权的资源,权限管理分为功能级权限管理、数据级权限管理。
  • 僵尸账号

    僵尸账号

    指账号被关联至具体人员,但长期未被使用且账号状态正常,如离职账号。
  • PAM

    PAM

    Privilege Account Management
  • LDAP

    LDAP

    Lightweight Directory Access Protocol
<  REGULATIONS  >

Policies and regulations

International and domestic policies and regulations have clear requirements for identity security.

  • 《Cyber Security Law》

    The "Cyber Security Law" clearly puts forward that the state implements the network trusted identity strategy and the network trusted identity authentication system is the core of network security. Support research and development of safe and convenient e-authentication technology and promote mutual recognition between different e-authentication. Promote the interconnection of the existing network identity authentication systems and establish a cross-platform network trusted identity system.

  • 《Classfied Cybersecurity Protection 2.0》

    The identity security standard of Classfied Cybersecurity Protection 2.0 is divided into three parts: identity authentication, access control and security audit.

  • 《GDPR》

    GDPR requires all organizations to use personal data only with the consent of individuals, and individuals can withdraw the right to use it at any time; Enterprises are required to sort out their current distribution of personal information assets to ensure that users have the only place to correct this information; At the request of users, user data can be transferred from one organization to another.

  • 《PSD2》

    PSD2 opens some special features to consumers from the payment aspect. PSD2 has many aspects of security requirements, including users, terminals, edges and frames. The infrastructure also includes CIA, encryption. PSD2 considers risk analysis as a necessary part of verification. The risk elements include physical location, IP address, working hours, device ID, device fingerprint, user attributes, etc.

<  RIGID DEMAND  >

Why IAM is a necessity for all industries

  • Government

    Government data sharing is the foundation, and data security is the top priority.

  • Manufacturing

    Create a full chain identity security architecture with trusted devices, trusted users, and trusted products through the IAM architecture.

  • Military

    Independent and controllable information technology is the premise of safeguarding network sovereignty and maintaining information security.

  • Automobile

    Build a customer-centric ecosystem that leverages big data to drive intelligent enterprise management.

  • Real estate

    Identity management, connectivity, enabling digital transformation of the real estate industry.

  • Construction

    Establish an identity safety control system centering on engineering projects.