Gartner defines access management (AM) as platforms that include an identity provider (IdP) and establish, manage and enforce runtime access controls to at least cloud, modern standards-based web and classic web applications. AM’s purpose is to enable single sign-on (SSO) access for people (workforce, consumer and other users) and machines into protected applications in a streamlined and consistent way that enhances user experience. AM is also responsible for providing security controls to protect the user session in runtime, enforcing authentication (with multifactor authentication [MFA]) and authorization using adaptive access. Lastly, AM can provide identity context for other cybersecurity tools to enable identity-first security.
Decentralized identity (DCI) democratizes digital identity by decentralizing both the storage and the use of identity data. The primary benefits of DCI are privacy, anonymity and user autonomy. DCI tools include a trust fabric, typically a distributed ledger like a blockchain; a digital wallet, which is tied to an entity (user); verifiable credentials (VCs), which represent identity attributes used to prove identity claims; and decentralized identifiers (DIDs), which establish pseudonymous relationships for issuing and verifying claims. DCI systems are delivered via software and SaaS capabilities. Users are primarily humans, but machines and even business entities can be users of DCI. DCI is used for user verification, identifying and tying a physical person to an identity wallet, and for user authentication and authorization, authenticating that user and authorizing them to access resources and data. Unlike conventional approaches, DCI does not use central stores of identity data, instead decentralizing the identity data, relationships between a user and service provider, and verification.
Gartner defines identity governance and administration (IGA) as the solution to manage the identity life cycle and govern access across on-premises and cloud environments. To accomplish this, IGA tools aggregate and correlate disparate identity and access rights data, and provide full capability controls over accounts and associated access. IGA solutions also fulfill the purpose of unifying and correlating identity data for organizations with multiple person and machine identity authoritative sources. This is done to provide a single view of identity (system of record) for their dependent processes and systems
The amount of information being transmitted from things continues to rise. Much of this data originates outside of the enterprise. The scale of security risks in the Internet of Things (IoT) era is therefore much greater than in the pre-IoT environment, and the 'attack surface' is much larger. Most sensor-based things have minimal computing resources, and the opportunities for antivirus, encryption and other forms of protection within things are more restricted. Therefore, IoT security products with a variety of capabilities emerged to help dispel some of these challenges.
Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors. User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. User authentication is foundational to and protects the value of other functions with an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD); audit (individual accountability); and identity analytics.