IAM Terminology
Online definitions of IAM terms and concepts
-
IAM
IAM
Identity and Access Management -
Identity Federation
Identity Federation
Mutual trust of different identity sources -
2C
2C
To Customers Identity management -
2B
2B
To Business Partners identity management -
社交认证
社交认证
指应用身份验证通过与社交软件互信,用社交软件进行身份验证的技术,如微信、QQ、微博、钉钉等。 -
用户画像
用户画像
提供多维度基础属性、到访意图及行业变化趋势,帮助用户洞悉目标群体,锁定热点走向,优化内容运营,并可通过全网分析洞察潜在流量,深度挖掘画像价值。 -
数字身份
数字身份
Digital Identity,在数字世界中,通过IAM技术将物理世界身份与数字世界的身份进行映射,是个人、组织或设备在网络空间中使用的在线或网络身份。 -
SCIM
SCIM
System for Cross-domain Identity Management -
身份认证
身份认证
通过CA数字证书、指纹、动态口令等不同的安全认证方式解决“你是谁”的身份验证与识别问题。 -
2E
2E
To Employees identity management -
融合认证
融合认证
旨在打造一套通用的认证平台,组织可以通过统一架构快速获取不同的认证方法(包括生物识别认证、非生物认证、标准认证协议)新的认证服务即插即用,并可提供统一API,一次对接,全局使用,同时框架提供灵活认证编排、认证安全等级划分,方便组织灵活调度认证方式。 -
设备指纹
设备指纹
指可以用于唯一标识出该设备的设备特征或者独特的设备标识,通过获取关联设备的硬件、系统、网络、状态等信息,通过专有加密算法,赋予其唯一的设备标识符,并注册为信任设备,将用户身份与设备指纹信息进行关联、绑定,提升认证安全等级。 -
IDM
IDM
Identity Management -
CAS
CAS
Central Authentication Service -
身份凭证
身份凭证
指用户用以获取信息资源访问权的标识,如用户的口令、公钥基础设施(PKI)证书,生物特征信息(指纹、虹膜、人脸、声纹等)。 -
IoT IDM
IoT IDM
Identity management of Internet of things -
FIDO
FIDO
Fast IDentity Online -
UBA
UBA
User Behavior Analytics -
AM
AM
Access Management -
OAuth2.0
OAuth2.0
是一个开放标准,允许用户授权第三方移动应用访问他们存储在另外的服务提供者上的信息,而不需要将用户名和密码提供给第三方移动应用或分享他们数据的所有内容。 -
孤儿账号
孤儿账号
又称幽灵账号,系统中存在但无法被关联到具体人员的账号。 -
用户生命周期管理
用户生命周期管理
是指维护和更新数字身份的一整套过程和技术,实现员工入职、调岗、离职、返聘、退休等人事变动过程中身份同步、配置、撤销和对用户属性、凭证及权益的管理,实现企业数字身份的常态化、精准化、自动化、安全化管理。 -
ABAC
ABAC
Attribute Base Access Control -
有效账号
有效账号
指可关联到具体人员且经常使用,同时需满足组织内部账号管理规范。 -
AD
AD
Active Directory -
TBAC
TBAC
Task based access control -
IDaaS
IDaaS
Identity as a Service -
RBAC
RBAC
Role-Based Access Control -
SSO
SSO
Single Sign On -
SAML
SAML
Security Assertion Markup Language -
重复账号
重复账号
指在应用系统有一个以上账号被同时使用。 -
权限管理
权限管理
指根据系统设置的安全规则或者安全策略,用户可以访问而且只能访问自己被授权的资源,权限管理分为功能级权限管理、数据级权限管理。 -
僵尸账号
僵尸账号
指账号被关联至具体人员,但长期未被使用且账号状态正常,如离职账号。 -
PAM
PAM
Privilege Account Management -
LDAP
LDAP
Lightweight Directory Access Protocol
IAM Repository
-
2020.06.19
数字身份·智领未来 丨2019新技术重塑用户体验技术峰会
2019年5月12日,由合规信息化促进会主办,思享会协办的“数字身份·智领未来——新技术重塑用户体验”技术峰会在深圳成功举办。 -
2020.06.05
嘉宾访谈 精彩观点
2019年5月12日,在 “数字身份·智领未来——新技术重塑用户体验”技术峰会现场,几位特邀嘉宾接受媒体专访,从各自视角探讨技术发展趋势与变化、信息安全、合规风控、数据保护等行业热点话题。 -
2020.06.05
工业大数据·机器到机器(M2M)身份治理与管理赋能
身份治理,万物互联,身份安全让任何用户、设备或机器可以与应用以及服务之间进行安全、高效、无缝地连接。
Policies and regulations
International and domestic policies and regulations have clear requirements for identity security.
-
《Cyber Security Law》
The "Cyber Security Law" clearly puts forward that the state implements the network trusted identity strategy and the network trusted identity authentication system is the core of network security. Support research and development of safe and convenient e-authentication technology and promote mutual recognition between different e-authentication. Promote the interconnection of the existing network identity authentication systems and establish a cross-platform network trusted identity system.
-
《Classfied Cybersecurity Protection 2.0》
The identity security standard of Classfied Cybersecurity Protection 2.0 is divided into three parts: identity authentication, access control and security audit.
-
《GDPR》
GDPR requires all organizations to use personal data only with the consent of individuals, and individuals can withdraw the right to use it at any time; Enterprises are required to sort out their current distribution of personal information assets to ensure that users have the only place to correct this information; At the request of users, user data can be transferred from one organization to another.
-
《PSD2》
PSD2 opens some special features to consumers from the payment aspect. PSD2 has many aspects of security requirements, including users, terminals, edges and frames. The infrastructure also includes CIA, encryption. PSD2 considers risk analysis as a necessary part of verification. The risk elements include physical location, IP address, working hours, device ID, device fingerprint, user attributes, etc.
Why IAM is a necessity for all industries
-
Government
Government data sharing is the foundation, and data security is the top priority.
-
Manufacturing
Create a full chain identity security architecture with trusted devices, trusted users, and trusted products through the IAM architecture.
-
Military
Independent and controllable information technology is the premise of safeguarding network sovereignty and maintaining information security.
-
Automobile
Build a customer-centric ecosystem that leverages big data to drive intelligent enterprise management.
-
Real estate
Identity management, connectivity, enabling digital transformation of the real estate industry.
-
Construction
Establish an identity safety control system centering on engineering projects.