Identity Governance

Learn about the policies, processes, and technologies that govern digital identities throughout their lifecycle. Covers identity governance and administration (IGA), access reviews, provisioning, compliance, and separation of duties.

18 terms, 10 books

Key Terms

Role-Based Access Control

RBAC

An access control model that assigns permissions to users based on their organizational roles, simplifying access management by grouping permissions into roles rather than assigning them individually.

beginner, Authorization, Governance

Attribute-Based Access Control

ABAC

An access control model that evaluates access requests based on attributes of the user, resource, action, and environment, enabling fine-grained, context-aware authorization decisions.

intermediate, Authorization, Governance

System for Cross-domain Identity Management

SCIM

An open standard protocol for automating the exchange of user identity information between identity domains and IT systems, enabling automated provisioning and deprovisioning of user accounts.

intermediate, Provisioning, Standards & Protocols

Lightweight Directory Access Protocol

LDAP

An open, vendor-neutral protocol for accessing and managing distributed directory information services, commonly used to store and retrieve user identity data, group memberships, and organizational structures.

intermediate, Standards & Protocols, Provisioning

Active Directory

AD

Microsoft's directory service for Windows domain networks that provides authentication, authorization, directory services, and group policy management for enterprise environments.

beginner, Authentication, Provisioning

Privileged Access Management

PAM

A set of cybersecurity strategies, technologies, and practices for controlling, monitoring, securing, and auditing elevated access and permissions for users, accounts, and systems across an IT environment.

intermediate, PAM, Governance

Identity Governance and Administration

IGA

A framework of policies, processes, and technologies that manage and govern digital identities and their access rights across an organization, including provisioning, certification, and compliance reporting.

intermediate, Governance, Compliance

Identity Lifecycle Management

The end-to-end process of managing a digital identity from creation through modification, access changes, and eventual deactivation or deletion, ensuring appropriate access at every stage.

intermediate, Governance, Provisioning

Just-in-Time Provisioning

JIT Provisioning

An automated provisioning method that creates or updates user accounts in a target application at the moment of the user's first authentication, rather than pre-provisioning accounts in advance.

intermediate, Provisioning, SSO

User Provisioning

The process of creating, managing, and maintaining user accounts and their associated access rights across IT systems and applications, ensuring users have the appropriate access to perform their roles.

beginner, Provisioning, Governance

Deprovisioning

The process of revoking and removing a user's access rights and accounts across IT systems when they no longer need access, such as when they change roles or leave the organization.

beginner, Provisioning, Governance

Access Review

A periodic assessment process where managers or application owners review and validate that users' current access rights are appropriate and aligned with their roles and responsibilities.

beginner, Governance, Compliance

And 6 more terms... View all in glossary

Recommended Books

Identity Management Design Guide with IBM Tivoli Identity Manager

Axel Buecker, Dr. Paul Ashley, Martin Borrett

4.1

This IBM Redbooks publication provides a comprehensive guide to designing and implementing identity management solutions using IBM Tivoli Identity Manager. It covers the full identity lifecycle from provisioning to deprovisioning, role-based access control, compliance reporting, and integration patterns with enterprise directories and applications.

advanced, IAM, Identity Governance

Identity Attack Vectors

Morey J. Haber, Darran Rolls

4.3

Identity Attack Vectors explores the threat landscape targeting identity systems and provides practical guidance for implementing effective IAM solutions. It covers privileged access management, identity governance, attack patterns targeting credentials and identity stores, and defensive strategies.

intermediate, IAM, Cybersecurity

Privileged Attack Vectors

Morey J. Haber

4.2

This book examines how attackers exploit privileged accounts and provides comprehensive guidance on building a privileged access management program. It covers PAM architecture, credential vaulting, session management, just-in-time access, and measuring PAM program effectiveness.

intermediate, PAM, Cybersecurity

The Data Privacy and GDPR Handbook

Sanjay Sharma

4.2

A comprehensive handbook for data privacy professionals covering GDPR implementation, data protection impact assessments, consent management, data subject rights, breach notification procedures, and ongoing compliance management.

intermediate, Privacy, Compliance

Strategic Privacy by Design

R. Jason Cronk

4

This book provides a methodology for embedding privacy into systems and processes from the ground up. It covers privacy engineering frameworks, threat modeling for privacy, data minimization strategies, and building privacy-respecting identity systems.

advanced, Privacy, Compliance

Enterprise IAM Guidebook

Jeff Lombardo

4.1

A practical guide to building and maturing an enterprise IAM program. Covers program strategy, technology selection, role management, access governance, compliance, and organizational change management for IAM.

intermediate, IAM, Identity Governance