|
In computing, identity management (IdM) describes the management of individual principals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks. The terms "Identity Management" and "Identity and Access Management" are used interchangeably in the area of Identity access management, while identity management itself falls under the umbrella of IT Security. Identity-management systems, products, applications and platforms manage identifying and ancillary data about entities that include individuals, computer-related hardware and applications. Technologies, services and terms related to identity management include Directory services, Digital Cards, Service Providers, Identity Providers, Web Services, Access control, Digital Identities, Password Managers, Single Sign-on, Security Tokens, Security Token Services (STS), Workflows, OpenID, WS-Security, WS-Trust, SAML 2.0, OAuth and RBAC. IdM covers issues such as how users gain an identity, the protection of that identity and the technologies supporting that protection (e.g., network protocols, digital certificates, passwords, etc.). == Definitions == Identity management (IdM) is the task of controlling information about users on computers. Such information includes information that authenticates the identity of a user, and information that describes information and actions they are authorized to access and/or perform. It also includes the management of descriptive information about the user and how and by whom that information can be accessed and modified. Managed entities typically include users, hardware and network resources and even applications. Digital identity is an entity's online presence, encompassing personal identifying information (PII) and ancillary information. See OECD〔 (Functional requirements for privacy enhancing systems ) Fred Carter, OECD Workshop on Digital Identity Management, Trondheim, Norway, 9 May 2007 (PPT presentation)〕 and NIST〔 (Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) ), Recommendations of the National Institute of Standards and Technology, January 2009〕 guidelines on protecting PII.〔(PII (Personally Identifiable Information) ), The Center For Democracy & Technology, September 14, 2007〕 It can be interpreted as the codification of identity names and attributes of a physical instance in a way that facilitates processing. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「identity management」の詳細全文を読む スポンサード リンク
|