Definition
Discipline of granting and enforcing access to resources after identity has been established. Encompasses authentication (proving who you are), authorization (deciding what you can do), session management, and access enforcement at policy enforcement points. Distinct from Identity Governance (lifecycle decisions) and from Identity Management (identity data and provisioning).
- Application
- MidPoint: Access Management (AM) is a security discipline that provides access to authorised users to enter particular resources.
Related terms
- Access Control (AC)
  Mechanism that determines whether a principal is permitted to perform a specific action on a specific resource. Includes …
- Role Assignment (RA)
  Specific instance of assigning a role to an identity — captures who, when, why, with what expiration. Direct (manually r …
- Attribute-Based Access Control (ABAC)
  Authorization model evaluating attributes of subject (role, department, clearance), object (sensitivity, owner), action …
- Authorization (AuthZ)
  Process of deciding whether an authenticated principal is permitted to perform a requested action on a resource. Distinc …
- CIAM (CIAM)
  Customer Identity and Access Management — specialized IAM for managing customer (not employee) identities. Differs from …
- Cloud Data Access Governance
  Discovery, classification, and access control for sensitive data across cloud data stores (S3, Snowflake, BigQuery, Data …