[Log In] []

Exploring the science and magic of Identity and Access Management
Saturday, July 13, 2024

Identity and Access Management – Capability Model

Author: Mark Dixon
Friday, March 8, 2013
3:57 pm

In a recent twitter conversation with Andre Koot, he suggested that we needed innovation in both Identity Management and Access Management.  He referred me to his blog, entitled “Let’s Kill the IAM Acroynm.”  Andre suggested:

Identity Management is a process for managing the lifecycle of identities … Access Control is a whole different ballgame …

After reading his blog, it occurred to me that he and I defined those two terms a bit differently.  I promised Andre that I would blog about it.

The diagram below shows how we at Oracle talk about the broad area of Identity and Access Management – encompassing three general areas:

  1. Identity Governance is about making sure the right people are granted the right access rights and making sure the wrong ones aren’t
  2. Access Management is about enforcing those access rights, within specified policy, when users attempt to access a desire application or system
  3. Directory Services provides ways to control where identity information about users and accessed rights are stored.
Oracle IAM

Does this provide the right demarcation between the various functional areas?  It seems to resonate well with our customers, and provides a valuable model to aid communications.  I’d be happy to hear any feedback you have.

By the way, this diagram is more effective as a PowerPoint build slide.  Let me know and I’d be happy to send you a copy.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.