Identity management is meant to support the identification of authorized users, to prevent unauthorized users from using a computerized environment or performing unauthorized actions, and to restrict access to restricted zones and/or times. It is a lifecycle activity that involves the establishment, management, and retention (or deletion) of identity information, as well as user enrollment in a system defined by individual and group memberships that assign various levels of access to resources based on business roles and responsibilities. Identity management is an integrated system of business processes, policies, and technologies that facilitates business-critical control activities related to physical and logical access.
Identity management systems are the machinery and mechanisms involved in identifying individuals within an access-controlled environment. Users are labeled as subjects, and all available applications, data, files and resources are called objects. Subjects are defined by the object-related access permissions, rights, or privileges assigned to them.
As a general concept, identity management is an umbrella of techniques and technologies that includes processes, protocols, and procedures to implement, maintain and, when necessary, monitor or audit user accountability. Although this is the ultimate goal for any protected user-based system, there are several other distinct advantages and benefits. These are described in further detail in the sections that follow.
Identification and Authentication Techniques

Identity is a crucial aspect of any computerized or stand-alone security system. Physical access control terminals and computer systems identify users in the best way they can, through credentials that are presumably supplied only by authorized parties. Unlike the simple facial or voice recognition that most humans use to identify authorized and unauthorized subjects perceptually, computers generally rely upon a trust model based on the face value of whatever credentials users present to assert their identities.
Usernames and passwords are the basis for many authentication systems, but many employ credentials specific to each person. Each distinct type of identification – password or passphrase, physical token or device, biological measurement, and so forth – counts as a separate identification factor. Employing combinations of individual factors and increasing the complexity of the individual factors used to assert or establish identity increases the security value of a given system.
Multiple factors, such as those used by IDentytech Solutions Ltd., are more secure than single factors, and more complex factors are generally more secure than those involving less detail. That said, each type of identity factor has its relative strengths and weaknesses.
There are three primary types of authentication factors:
• A Type 1 factor is something you know (such as a password, a PIN, or numeric combination).
• A Type 2 factor is something you have (which might be a smart card, a token or a physical key).
• A Type 3 factor is something you are (this could mean sensing or measuring some part of your body or your physical behavior, such as a thumb- or fingerprint, or a retinal or voice pattern).
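The following added example (not from the original page) ties the pieces above together: a subject's group memberships, the object (zone) requested, the permitted hours, and the number of distinct factor types presented. The subjects, groups, zones, rules and credential names are constructed for illustration, and the credentials are assumed to have already been verified, so only the policy decision is modeled.

```python
from dataclasses import dataclass
from datetime import time

# Credential kinds mapped to the page's factor types (1 know, 2 have, 3 are).
FACTOR_TYPE = {"password": 1, "pin": 1, "smart_card": 2, "token": 2,
               "fingerprint": 3, "voice": 3}

@dataclass(frozen=True)
class Rule:
    group: str             # group membership that grants the access
    zone: str              # object: a restricted zone or resource
    start: time            # permitted window, start inclusive
    end: time              # permitted window, end exclusive
    min_factor_types: int  # distinct factor types required

# Constructed sample policy and enrollment data.
RULES = [Rule("staff", "office", time(7, 0), time(19, 0), 1),
         Rule("it-ops", "server-room", time(8, 0), time(18, 0), 2)]
GROUPS = {"alice": {"staff", "it-ops"}, "bob": {"staff"}}

def distinct_factor_types(credentials):
    """Count distinct factor types; a password plus a PIN is still one type."""
    types = set()
    for kind in credentials:
        if kind not in FACTOR_TYPE:
            raise ValueError(f"unknown credential kind: {kind}")
        types.add(FACTOR_TYPE[kind])
    return len(types)

def decide(subject, zone, at, credentials):
    """Return (allowed, reason) for a subject requesting an object at a time."""
    groups = GROUPS.get(subject)
    if groups is None:
        return False, "unknown subject"
    n = distinct_factor_types(credentials)
    reason = "no rule grants this subject access to the zone"
    for r in RULES:
        if r.zone != zone or r.group not in groups:
            continue
        if not (r.start <= at < r.end):
            reason = "outside permitted hours"
        elif n < r.min_factor_types:
            reason = "insufficient distinct factor types"
        else:
            return True, f"granted via group {r.group}"
    return False, reason
```

Returning the denial reason alongside the decision gives the audit trail something to record, which supports the user accountability goal described earlier.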