This chapter covers provisioning and managing identities, and the access used in the interaction between humans and information systems. The core concepts of identification, authentication, authorization and accountability are covered in detail here. Concepts related to identity as a service, or cloud-based third-party identity services, are also covered, and the security requirements of such services are covered with illustrations.
A candidate for the CISSP exam is expected to have foundational concepts and knowledge in the following key areas of the identity and access management domain:
An asset, such as data, is accessed through systems and applications. Similarly, access to facilities such as data centers and operational areas is facilitated through access control mechanisms. Hence, before physical or logical access to an asset is granted, the identity of the person or process (such as a script) must be established, and only then is the access permission determined.
Observe the following illustration. Users need access to data or physical facilities. Similarly, scripts or programs need access to data for processing and execution. Essentially, one type of asset needs access to another type of asset. The overall process of facilitating and managing the identities of such assets, and controlling access while ensuring information security, is termed Identity and Access Management (IAM):
In this module you will understand the following: