Identity and Access Management
Identity and access management (IAM) is a set of information technologies that deal with identities in the cyberspace. There are authentication mechanisms, directory services, authorization systems, access control models, federations, agents, repositories, attributes, claims, certificates, lifecycles, rules, processes, policies and other exotic life forms.
IAM is a broad and diverse set of technologies, some of them are interwoven into an identity fabric, others are pretty much stand-alone. Usually, there are several (incompatible) mechanism to address each problem, except for some problems that seem to be not addressed at all. Overall, identity and access management is complex. It is a labyrinth of technologies and methods, a letter soup of acronyms referring to inconsistent terminology. Check out our glossary to see for yourself.
However, even the most complex labyrinth can be safely navigated by those armed with knowledge. This part of Evolveum documentation site is dedicated to explanation of IAM concepts, technologies and methods.
Identity Governance and Administration
Identity governance and administration (IGA) is a subfield of identity and access management (IAM) dealing with management and governance of identity-related information. Simply speaking, IGA deals with all the details concerning maintenance of identity information, ranging from low-level technical details to high-level business policies.
As Evolveum is a creator of midPoint, a powerful IGA platform, it is perhaps no surprise that this site is mostly focused on IGA. There is an entire section dedicated to IGA, explaining fundamental principles and providing useful details.
See Identity Governance and Administration section for more details.
Myths and Best Practice
Being such a complex field, identity and access management (IAM) is a perfect spawning ground for questionable practices. There are many myths and anti-patterns that seem to be all right at the first sight. However, they usually end up as very expensive problems. These practices are so common, that we have dedicated a section of this site to describe them. There is also a section describing best practices.