Abstract: Once we have granted administrative access to our systems for our users then we need to validate the user identity and entitlements at runtime. We need to make each user "prove" they are who they say they are to access our systems without over complicating their access. This used to be easy in the world of Web SSO but has gotten very difficult with the advent of cloud services and mobile applications. If we consider access points, then certainly this entails federated identity vetting, credential binding, tokenization, etc. We also need to deal with information remnants issues, un-owned, uncontrolled, or unmanaged devices, as well as the attack vector such things represent.
In this series we will focus on:
- PIM/PAM
- Context-Based Access Controls
- Social Log-ins
- Mobile Authentication
- IDaaS
- 2FA/MFA
- Consumer IAM
- Federated Identity Management
No comments:
Post a Comment