Enterprise Identity Management
Enterprise is made of not only CEO, CFO, COO and CTO but also thousands of other associates. Due to technologies used to manage integration among employees, it has been a great help for enterprise manager. However importance of content access and sharing vital and secured information have raised issue of access and integration management.
Architecture of Modern Enterprise is enabled through IT infrastructure including following complexities:
-- Network operating systems.
-- Application Server, Database server and so others
-- User directories.
-- Human resources, payroll and contract management systems.
-- Business applications.
-- Customer relationship management (CRM)
-- Electronic commerce applications.
Considering enterprise stack holders following are the entities which need access to your IT infrastructure.
1. Employees.
2. Contractors.
3. Partners.
4. Vendors.
5. Customers.
Almost every system must track valid users, and control what they can and cannot see and do. The access management process includes management of data about:
-- User identity.
-- User authentication.
-- Access controls over data and functions.
The diversity of these systems -- each with their own administration software, people and processes -- and the fact that users typically access multiple systems, makes managing this data about users difficult at best, and an obstacle to doing business at worst.
Identity information is usually distributed in multiple systems throughout an organization. Enterprise identity management represents the vision that digital identity data, while distributed, is highly interrelated and requires a holistic approach to management.
Identity management technologies attempt to simplify the administration of this distributed, overlapping and sometimes contradictory data about the users of an organization's information technology systems.
Enterprise identity management includes three major functions:
1. Identity administration,
2. Community management, and
3. Identity integration.
Identity administration is the provisioning and maintenance of individual identities.
Community management addresses the connection and security of relationships between identities.
Identity integration focuses on the connection and cooperation of multiple identity repositories based on business rules.
Each of these components works together to deliver enterprise identity management.
Components of Identity and access management
Individual components of the infrastructure implement following functions:
1. Directory service provides a central identity repository and reconciliation of identity details between application specific directories.
2. Identity management service provides tools to manage identity details stored in the directory.
3. Access management services implement authentication of web based users and enforces access control over the web-based transactions.
4. Provisioning service covers centralised user administration capabilities and serves mainly for propagation of user account changes and access rights across individual back-end applications. In this manner it is bridging the gap between e-business systems and enterprise applications security.
5. Presentation service is providing a personalised interface for all user interactions with the system.
Identity Management
Identity-management systems are products, processes, and services for administering end users' network resources and applications. Identity management can extend beyond a single organization:
1. Customers would like to access multiple web sites without re-authenticating to each one.
2. Employees would like to access vendor web resources without registering or re-authenticating.
3. Companies would like to be able to provision their own users with access to partner and vendor resources automatically.
Identity management service implements facilities to enable user registration, change of his status or other details and de-registration. Identity management features enable creation, deletion or modification of user profile, change of user's role or his association with a function, business unit or organization. These activities were traditionally been a domain of user administration and were supported by tools for managing proprietary directories. Identity management subsystems employ workflow in a way similar to provisioning subsystems to administer users on an individual, group, and organisational basis.
Identity administration represents the alignment of individual digital identity with business processes. Three major functions make up identity administration: existence, context, and provisioning. Existence focuses on establishing a digital entity for a person. Context involves keeping a dynamic inventory of a user’s role, current working environment, and needs. Provisioning consists of dynamically providing people with the tools they need to accomplish work.
Market Watch
Most basic identity-management tools enforce corporate security policy by offering authentication (tracking who is accessing resources), provisioning (linking accounts with users), and access control (verifying which services a user is allowed to access). Advanced features can build bridges between systems. For example, password management bridges authentication and provisioning systems to simplify end-user management of multiple application accounts.
The identity-management industry is led by mature vendors such as BMC, Computer Associates, IBM, Netegrity, and RSA Security. New vendors, such as Business Layers, Communicator, and Waveset, add to a rich market of identity-management products and services, which is estimated to be worth $2.3 billion in 2003.
The Yankee Group forecasts that the identity-management market will expand at a compound annual growth rate (CAGR) of 7.1 percent during the next 5 years, becoming an estimated $3.3 billion market by 2008
Reference:
Lewis, Jamie. The Emerging Infrastructure for Identity and Access Management
Enterprise Identity Management: Strategy White Paper by Microsoft
Identity Management Is the Key to the Enterprise: Yankee Group
P-Synch : Documentation : Enterprise Identity Management
Architecture of Modern Enterprise is enabled through IT infrastructure including following complexities:
-- Network operating systems.
-- Application Server, Database server and so others
-- User directories.
-- Human resources, payroll and contract management systems.
-- Business applications.
-- Customer relationship management (CRM)
-- Electronic commerce applications.
Considering enterprise stack holders following are the entities which need access to your IT infrastructure.
1. Employees.
2. Contractors.
3. Partners.
4. Vendors.
5. Customers.
Almost every system must track valid users, and control what they can and cannot see and do. The access management process includes management of data about:
-- User identity.
-- User authentication.
-- Access controls over data and functions.
The diversity of these systems -- each with their own administration software, people and processes -- and the fact that users typically access multiple systems, makes managing this data about users difficult at best, and an obstacle to doing business at worst.
Identity information is usually distributed in multiple systems throughout an organization. Enterprise identity management represents the vision that digital identity data, while distributed, is highly interrelated and requires a holistic approach to management.
Identity management technologies attempt to simplify the administration of this distributed, overlapping and sometimes contradictory data about the users of an organization's information technology systems.
Enterprise identity management includes three major functions:
1. Identity administration,
2. Community management, and
3. Identity integration.
Identity administration is the provisioning and maintenance of individual identities.
Community management addresses the connection and security of relationships between identities.
Identity integration focuses on the connection and cooperation of multiple identity repositories based on business rules.
Each of these components works together to deliver enterprise identity management.
Components of Identity and access management
Individual components of the infrastructure implement following functions:
1. Directory service provides a central identity repository and reconciliation of identity details between application specific directories.
2. Identity management service provides tools to manage identity details stored in the directory.
3. Access management services implement authentication of web based users and enforces access control over the web-based transactions.
4. Provisioning service covers centralised user administration capabilities and serves mainly for propagation of user account changes and access rights across individual back-end applications. In this manner it is bridging the gap between e-business systems and enterprise applications security.
5. Presentation service is providing a personalised interface for all user interactions with the system.
Identity Management
Identity-management systems are products, processes, and services for administering end users' network resources and applications. Identity management can extend beyond a single organization:
1. Customers would like to access multiple web sites without re-authenticating to each one.
2. Employees would like to access vendor web resources without registering or re-authenticating.
3. Companies would like to be able to provision their own users with access to partner and vendor resources automatically.
Identity management service implements facilities to enable user registration, change of his status or other details and de-registration. Identity management features enable creation, deletion or modification of user profile, change of user's role or his association with a function, business unit or organization. These activities were traditionally been a domain of user administration and were supported by tools for managing proprietary directories. Identity management subsystems employ workflow in a way similar to provisioning subsystems to administer users on an individual, group, and organisational basis.
Identity administration represents the alignment of individual digital identity with business processes. Three major functions make up identity administration: existence, context, and provisioning. Existence focuses on establishing a digital entity for a person. Context involves keeping a dynamic inventory of a user’s role, current working environment, and needs. Provisioning consists of dynamically providing people with the tools they need to accomplish work.
Market Watch
Most basic identity-management tools enforce corporate security policy by offering authentication (tracking who is accessing resources), provisioning (linking accounts with users), and access control (verifying which services a user is allowed to access). Advanced features can build bridges between systems. For example, password management bridges authentication and provisioning systems to simplify end-user management of multiple application accounts.
The identity-management industry is led by mature vendors such as BMC, Computer Associates, IBM, Netegrity, and RSA Security. New vendors, such as Business Layers, Communicator, and Waveset, add to a rich market of identity-management products and services, which is estimated to be worth $2.3 billion in 2003.
The Yankee Group forecasts that the identity-management market will expand at a compound annual growth rate (CAGR) of 7.1 percent during the next 5 years, becoming an estimated $3.3 billion market by 2008
Reference:
Lewis, Jamie. The Emerging Infrastructure for Identity and Access Management
Enterprise Identity Management: Strategy White Paper by Microsoft
Identity Management Is the Key to the Enterprise: Yankee Group
P-Synch : Documentation : Enterprise Identity Management
Use the feedback form below to submit your comments.
Use the form below to email this article to your friends.
- Hosting Service Providers and Identity Theft
- How Identity Theft Can Affect You
- How to protect yourself from identity theft
- How To Protect Your Identity From Theft
- Internet Identity Theft Prevention
- Identity Theft: Count the ways
- Simple Identity Theft Prevention
- Preventing Identity Theft
- Woman Chases Down, Helps Nab Her Own Identity Thief
- TJX Identity Thieves get Maxx for Minimum
- Five Steps to Safe Online Shopping
- Identity Theft: The G.I. Blues
- Do You Know an Identity Thief?
- Knowing me, knowing you: why ID protection plans are flawed for fraud.
- Workplace Identity Theft: The Threat From Within
- Protecting Yourself Against Identity Theft - And How To Fight Back, Part Two
- Protecting Yourself Against Identity Theft - And How To Fight Back, Part One