Identity and Access Management Architecture | 20 | v6

ABSTRACT

Contents Introduction ............................................................................................................................ 222

Authentication .................................................................................................................... 222 Authorization ..................................................................................................................... 222 Administration ................................................................................................................... 223 Audit .................................................................................................................................. 223 IAM: Typical Practice ......................................................................................................... 223 Alternative Architecture: Integrated Decentralized .............................................................. 224 Alternative Architecture: Centralized .................................................................................. 224

The IAM Ecosystem ................................................................................................................ 226 Storing Identities ................................................................................................................ 226 Integrating Identities .......................................................................................................... 227 Administering Identities ..................................................................................................... 228

Identity Request Initiation ............................................................................................. 229 Role Management .......................................................................................................... 230 Approval Processing and Workflow Tracking .................................................................. 232 Interface to Managed Systems .........................................................................................233 Reconciliation Processing ................................................................................................233 User Self-Service ..............................................................................................................233