From the course: CompTIA CySA+ (CS0-002) Cert Prep: 3 Identity and Access Management

Identity and access management

- [Tutor] Identity and access management controls play an important role in any organization's information security program. Identity and access management is the practice of ensuring that computer systems have a clear picture of the identity of each individual or resource authorized to access the system, and that the system can control access in a way that prevents unauthorized individuals from accessing resources, while permitting authorized individuals to perform legitimate actions. The concept of identity can be a little confusing when discussed in the theoretical language of identity and access management professionals. Let's take a look at some of the terminology commonly used in this field by using an example from a college campus.

First, an entity is the foundation of the identity model. In the case of people, an entity is an actual physical person. Here we have two person entities, Alice and Bob. Each entity may have one or more identities. In the case of people, identities normally correspond to roles that an individual plays within an organization. In our example, Alice has only one identity at our college. She is a faculty member. Bob, on the other hand, has three different identities. He works full time in the college IT department, so he has one identity as a staff member. He also earned his bachelor's degree at the college. So he's an alumnus, and he is currently studying for a master's degree, making him a student. Bob fills all three identities, staff, alumnus and student, at the same time. So across the system right now we have four different identity possibilities: faculty, staff, alumnus, and student.

Each of these identities is a collection of attributes that describe the entity. For example, let's look at Bob's alumnus identity. There would be many attributes associated with that identity. For example, Bob studied computer science. So he has the academic major attribute, with the value of computer science. He graduated in 2015. So he has the graduation year attribute of 2015, and he donates to the college. So he has an attribute of donor, set to yes. There will likely be many more attributes associated with this identity, and other identities may have overlapping attributes. For example, a student identity would also have a major and graduation year, but may contain information not found in an alumni record, such as whether the student is on a meal plan.

It's important to note that entities are not always people. Entities can be physical or virtual objects and groups. Some other examples of non-person entities include business units, servers, network segments, and access groups. Identity and access management programs use these identities to control physical and logical access to information, systems, devices and facilities. The rest of this course will dive into those details.
