Information Technology Reference
In-Depth Information
Identity Management, LIMA-style
We've seen how Access Management works. Identity Management is the
other half of IAM. We can think of Identity Management as the system that
provides Access Management with up-to-date data to work with. It also
performs an audit function by keeping track of all significant user events.
Doing all of this behind-the-scenes stuff is hard work. It's conceptually
simple, but operationally hard - until you get the processes in place. Then
it's both simple and easy. But you need to avoid the expedient shortcuts that
can complicate matters over the long run and end up costing you more. The
key principle is loose coupling, as always.
Identity Management Concepts
The key processes in Identity Management are User Provisioning and Audit.
In essence, User Provisioning is keeping user data up-to-date and consistent
on a number of different systems, so that Access Management and Audit can
both work correctly. Audit is recording all relevant user events and activities.
This diagram puts all these concepts into context.
Fig 36: Identity Management concepts
We've already covered many techniques of loose coupling early on. Now is
the time to drill down into the details to see what loose coupling really
means in the context of Identity Management.
