What is the Recommended Identity Management Certification

Identity Management and Authentication

Which methods for identity management and authentication does the software offer?
Identification and authentication

Authentication is understood to be the task and user-dependent access and / or access authorization. The purpose of authentication is to protect system functions from misuse. In communication, authentication ensures that the communication partner is who he claims to be.1 In information security, authenticity also refers to the properties of authenticity, uniqueness, verifiability and trustworthiness. The verification of an alleged property is known as authentication. Authentication of the data origin proves that data can be clearly assigned to a specified sender, which can be made possible, for example, by digital signatures.2

Identity management

Identification is a process that is used to clearly identify a person or an object. Identity management in IT and data processing means the administration of user data that is assigned to individual persons and roles. A person can have several identities, while an identity can usually only be assigned to one person. The identity is a collection of personal details that clearly defines and individualizes the person using this identity in the form of attributes.3

Please also note the current market overview of software solutions for identity management, access control and authentication.

As a rule, the identity management system / identity management system or identity access management system (IAM) is operated on a dedicated server or dedicated network of the company. Identity management can be used to meet requirements arising from governance, risk management and compliance (GRC).

Methods

An authentication4 a user can basically perform three different methods:

  1. Proof of and knowledge of certain information, for example a password
  2. The user has a physical key, for example a chip card
  3. The user has his own so-called biometric key, for example his fingerprint, retina, etc.

Application examples for authentication

  • password
  • pin code
  • Answer to a specific question (security question)
  • personal ID card
  • Chip card
  • Smart card, signature card
  • swipe card
  • SIM card
  • physical key
  • Key codes on hard drive
  • digital certificate
  • TAN list and iTAN list
  • PhotoTAN
  • fingerprint
  • face recognition
  • Retinal features (fundus)
  • Typing behavior
  • Voice recognition
  • Iris recognition
  • Handwriting (signature)
  • Hand geometry, palm scanner

advantages

  • Creation of an additional level of security for critical business data
  • Developing trusted identities for network access
  • Increase trust in all business processes and transactions
  • Reduction of the costs for any existing help desk and support organizations and other IT administrations through fewer password resets
  • Better protection against data theft
  • Adherence to specified compliance guidelines
  • Creation of competitive advantage
  • High usability

disadvantage

  • Integrating other systems, such as other password directories, can be difficult
  • Additional software necessary, therefore additional costs arise
  • All authentication data must always be kept secret and stored securely
  • Due diligence concepts for the secure administration and retention of authentication data must be developed

Conclusion

User confidence in the security of authentication and identity management is gradually increasing in the course of data dissemination, especially through Internet processes and open connections. However, many users consider their data to be insufficiently protected. Authentication processes do not always work without errors, but they are clearly one of the stable methods that increase data security and, if used consistently, further increase trust in protected, secret data management in the long term. Related questions about suitable, supported procedures and also about any additional products that may be required are definitely sensible and should always be asked in connection with data security.