Authentication, SSO, IAM, Federation

This content originally appeared on DEV Community and was authored by rounakcodes

Intro

Once I started implementing an authentication system, I found myself coming back to these terms again and again to separate their individual roles and purpose in the system. This article was created to serve as a quick reference.

Authentication

• process of the Principal proving its identity to the System
  • Examples of Principal
    • application
    • computer system
    • human
    • hardware, etc
  • System is any computer system that requires identification before allowing access
  • System could be hosted on
    • server
    • device
    • browser, etc

Single Sign On (SSO)

• characteristic of an authentication mechanism
  • that relates to
  • the user's identity being used to
    • provide access across multiple Service Providers
• allows a single authentication system to be used across multiple systems
• The single authentication mechanism could be
  • LDAP or such directory server
  • a system generating trusted token
  • Federation (see below)

Identity and Access Management (IAM)

• the management of identity concerns within an information technology organization
• can include
  • authentication of users and system
  • authorization of those users and systems
  • user provisioning
  • audit of identity systems
  • user repository management (like LDAP or Active Directory)
  • password policies and other concerns

Federation

• common standards and protocols
  • to manage and map user identities
  • between Identity Providers
    • across org (and sec domains)
  • via trust rel (like dig sig, enc, PKI)
• a sub-discipline of IAM, but typically the same team(s) is involved in supporting it
• a type of SSO where the actors span multiple organizations and security domains

Reference

For a deep dive into the above (and more): https://medium.com/@robert.broeckelmann

Related

If you found this quick reference article useful, you may also benefit from

• Notes on OAuth 2.0
• Notes on LDAP

This content originally appeared on DEV Community and was authored by rounakcodes

Print Share Comment Cite Upload Translate Updates

APA

rounakcodes | Sciencx (2021-05-31T00:34:44+00:00) Authentication, SSO, IAM, Federation. Retrieved from https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/

MLA

" » Authentication, SSO, IAM, Federation." rounakcodes | Sciencx - Monday May 31, 2021, https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/

HARVARD

rounakcodes | Sciencx Monday May 31, 2021 » Authentication, SSO, IAM, Federation., viewed ,<https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/>

VANCOUVER

rounakcodes | Sciencx - » Authentication, SSO, IAM, Federation. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/

CHICAGO

" » Authentication, SSO, IAM, Federation." rounakcodes | Sciencx - Accessed . https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/

IEEE

" » Authentication, SSO, IAM, Federation." rounakcodes | Sciencx [Online]. Available: https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/. [Accessed: ]

rf:citation

» Authentication, SSO, IAM, Federation | rounakcodes | Sciencx | https://www.scien.cx/2021/05/31/authentication-sso-iam-federation/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.