Identity management techniques

Identity management is the combination of business process and technology used to manage data on IT systems and applications about users. Managed data includes user objects, identity attributes, security entitlements and authentication factors.

This document defines the components of identity management, starting with the underlying business challenges of managing user identities and entitlements across multiple systems and applications. Identity management functions are defined in the context of these challenges.

The remainder of this paper is organized as follows:

A variety of identity stores:A description of why organizations manage user profile data in a diversity of systems.
Managing identities and entitlements across applications – the challenge:A step-by-step description of why managing user identity data is difficult in a large organization.
Relevant technologies – the solutions:How different technologies help to streamline and secure the identity management process.
Identity management – a simple definition:A definition for what constitutes identity management, given the preceding description of the business problem and its technological solutions.