Aujas US

An IDG Ventures Company

Converged Identity and Access Management

Part 3 in the Converged Identity and Access Management series

Converged IAM (Identity and Access Management) can be understood as a system that brings together disparate physical and logical access control systems to create a single trusted identity and one credential, against which rights are matched and access is granted across the enterprise.

Converged IAM can’t exist without network connections – preferably automatic, software driven ones – between these logical and physical identity systems.

The most typical use case right now involves the use of a card reader integrated with an identity management or directory system such as Active Directory or LDAP. Users swipe the access card at the door and use that same access card to log on to network resources.

Logical identity integrations for a user usually begin with links between human resources systems, an IT network component and the enterprise directory. The directory software, such as Microsoft’s Active Directory or similar tools based on the Lightweight Directory Access Protocol (LDAP), ensures that any employee has the network, software and database access — the virtual provisions — they’ll require to do their work.

Many large enterprises already use identity management tools from vendors like IBM, Novell, Oracle and Sun to provision users from the HR system into the directory. That process is fairly well automated. The disconnection between logical and physical identity usually appears when it’s time to provision a user’s physical access rights: at the most basic level, where and when that person is allowed to be within the enterprise. In many enterprises, this task is typically still manual: a phone call, email or fax from HR alerts the physical security department to put the new employee into the physical access control system (PACS) and create an access badge for him.

Integrating the PACS with the enterprise directory enables enterprises to address the issue of disconnected physical and logical identities. Here the value for the organization is that integration allows them to have a better understanding of who has rights to their network and their physical facilities. It allows them to manage access rights and people’s responsibilities within the organization more efficiently.
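Until the PACS and the directory are integrated, the gap described above can at least be measured by reconciling exports from both systems. The following is an added example, not part of the original post: the CSV column names, the `reconcile` function and the sample records are constructed assumptions, not any vendor's export format.

```python
import csv
import io

# Constructed sample exports; column names are assumptions, not a vendor format.
DIRECTORY_CSV = """employee_id,username,enabled
1001,asmith,true
1002,bjones,false
1003,cwu,true
1005,dlee,true
"""

PACS_CSV = """employee_id,badge_id,badge_active
1001,B-001,true
1002,B-002,true
1004,B-004,true
1005,B-005,false
"""

def _load(text, key="employee_id"):
    """Parse a CSV export into {employee_id: row}."""
    return {row[key].strip(): row for row in csv.DictReader(io.StringIO(text))}

def _is_true(value):
    return value.strip().lower() in ("true", "1", "yes")

def reconcile(directory_csv, pacs_csv):
    """Compare logical (directory) and physical (PACS) identities by employee ID."""
    directory = _load(directory_csv)
    pacs = _load(pacs_csv)
    findings = {"badge_without_account": [], "badge_for_disabled_account": [],
                "account_without_badge": []}
    for emp_id, badge in pacs.items():
        if not _is_true(badge["badge_active"]):
            continue  # an inactive badge grants no physical access
        account = directory.get(emp_id)
        if account is None:
            findings["badge_without_account"].append(emp_id)
        elif not _is_true(account["enabled"]):
            findings["badge_for_disabled_account"].append(emp_id)
    for emp_id, account in directory.items():
        badge = pacs.get(emp_id)
        if _is_true(account["enabled"]) and (badge is None or not _is_true(badge["badge_active"])):
            findings["account_without_badge"].append(emp_id)
    return {k: sorted(v) for k, v in findings.items()}

if __name__ == "__main__":
    print(reconcile(DIRECTORY_CSV, PACS_CSV))
```

Active badges tied to a disabled or missing directory account are the findings to review first, since they represent physical access that outlived the logical identity.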

Next: The Importance of IT in Convergence

November 3, 2010 - Posted by | Access control, Risk management
