5. 5
Summary
Data modeling : back to basics
IAM data model
IAM management functions
IAM implementation / service issues
IAM paradigms
6. 6
IAM
Identity and Access Management
Issues
User authentication
Access management
IAM data model (1)
General objective
7. 7
Identity management
Credential : something that allows an end user to prove his identity
Credentials identity management authorities
Credential level = trust level
• Technology : password ... crypto certificate
• Quality of the identity authority : zero-trust ... diplomatic credentials
At run time
Credential checked → authentication of the user
Credential level checked → access to resource
IAM data model (2)
User authentication
8. 8
Improvements
Grouping of technical resources → logical function
Grouping of users → profile (same access rights)
[Diagram table: rows "#" and "Stability"; stability ratings: + ― +]
IAM data model (3)
Access management
9. 9
[Diagram table: rows "#" and "Stability"; stability ratings: + + +]
IAM data model (4)
Grouping of technical resources
10. 10
[Diagram table: rows "#" and "Stability"; stability ratings: + ― + –/+ +]
IAM data model (5)
Grouping of users
12. 12
The owning department manages the list of user departments entitled to the owned logical function
The user department gets the catalog of logical functions granted by the owning departments
IAM data model (7)
Ownership of logical functions
Catalog management
13. 13
The user department establishes the adequate profiles according to the catalog of granted logical functions
IAM data model (8)
Profile management
14. 14
IAM data model (9)
User management
The user department assigns the needed profile(s) to its users
16. 16
IAM data model (11)
Enhancements
Mandates
Assertion (civil servant, notary, doctor, etc.) management
Etc.
18. 18
IAM management functions
Ownership management
Catalog management
Profile management
Identity / credential management
User management (user profile)
Technical resources
Logical functions
Profiles
User access rights
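The management functions above, as an added example that is not part of the original slides: a minimal in-memory Python model of ownership, catalog, profile and user management, with the run-time access check walking user → profiles → logical functions → technical resources. The class, method, department, user and resource names are all hypothetical, constructed for illustration.

```python
class IamModel:
    def __init__(self):
        self.functions = {}  # logical function -> (owning dept, technical resources)
        self.entitled = {}   # logical function -> user departments entitled to it
        self.profiles = {}   # (user dept, profile) -> logical functions
        self.users = {}      # user -> (user dept, assigned profile names)

    def define_function(self, owner, name, resources):
        self.functions[name] = (owner, set(resources))
        self.entitled[name] = set()

    def grant(self, actor_dept, function, user_dept):
        # Ownership management: only the owning department entitles user departments.
        if self.functions[function][0] != actor_dept:
            raise PermissionError(f"{actor_dept} does not own {function}")
        self.entitled[function].add(user_dept)

    def catalog(self, user_dept):
        # Catalog management: logical functions granted to this user department.
        return {f for f, depts in self.entitled.items() if user_dept in depts}

    def define_profile(self, user_dept, profile, functions):
        # Profile management: a profile may only bundle functions from the catalog.
        extra = set(functions) - self.catalog(user_dept)
        if extra:
            raise PermissionError(f"not in {user_dept} catalog: {sorted(extra)}")
        self.profiles[(user_dept, profile)] = set(functions)

    def assign(self, user_dept, user, profile):
        # User management: a department assigns its own profiles to its own users.
        dept, assigned = self.users.get(user, (user_dept, set()))
        if dept != user_dept or (user_dept, profile) not in self.profiles:
            raise PermissionError(f"{user_dept} cannot assign {profile} to {user}")
        self.users[user] = (dept, assigned | {profile})

    def may_access(self, user, resource):
        # Run time: entitlement is re-checked, so a withdrawn grant takes effect at once.
        dept, assigned = self.users.get(user, (None, set()))
        return any(
            dept in self.entitled[f] and resource in self.functions[f][1]
            for p in assigned for f in self.profiles[(dept, p)]
        )

def build_sample():  # constructed sample data, not taken from the slides
    m = IamModel()
    m.define_function("HR", "payroll-read", {"db:payroll", "app:payslip"})
    m.grant("HR", "payroll-read", "Finance")
    m.define_profile("Finance", "accountant", {"payroll-read"})
    m.assign("Finance", "alice", "accountant")
    return m
```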
20. 20
IAM implementation / service issues
Enforcement of the model (in the long run)
Mapping : model ↔ ICT features
Cross platform
Consolidated administration tool
Quality of management (ownership, profile, etc.)
Training / motivation of the managers