The TOME Project: A Lexicographic Perspective on IAM
By David Doret
March 2021
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
TOME: The Open Measure Encyclopedia
(HIDDEN) AGENDA
• Brainwashing on the importance of terms accuracy in the IAM field
• The TOME Project
• Sample Dictionary Entries
• What’s Next, Q&As
IS IAM A FIELD OF SPECIAL KNOWLEDGE OR EXPERTISE?
Short answer: YES
• 60+ years of academic research and industrial innovation
• A vibrant community of researchers, products & services vendors, analysts and field professionals
DO WE HAVE AN ACCURATE IAM TERMINOLOGY?
Short answer: NO
We have fragmented handiwork composed of piecemeal definitions and patchworked lexicons and standards
HOW IMPORTANT IS HAVING AN ACCURATE IAM VOCABULARY?
Short answer: Vital
Your IAM Project Communication Misunderstandings
Think of:
• Performance Benchmarking
• Stakeholders Management
• Product & Services Design
• Professional Services
• Academic Research
• Coaching
• Training
THE TOME PROJECT…
WHAT IS THE TOME PROJECT?
Non-profit Association
Wiki
Bibliography
Dictionary
Perpetually Free
Agnostic
Collaborative
Methodology
Community (700+)
Corpus
Find out more and contribute at:
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1056014337/Methodology
WHAT IS A GOOD DEFINITION?
• Neutral (not emotional)
• Consensual
• Necessarily imperfect
• Iterative
• As accurate as possible
• Intensional (with an “s”)
• Visual
• Supported with samples
• Linked to related terms
• Inferred from a corpus of authoritative sources
• Substantiated with bibliographic references
Find out more and contribute at:
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1056014337/Methodology
DICTIONARY ENTRY TEMPLATE
Find out more and contribute at:
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1056014337/Methodology
ENOUGH THEORY: SAMPLE ENTRIES…
CREDENTIAL
Definition 1
A data structure that is a collection of identity attributes and assertions that vouches for the identity of an entity through some method of trust and authentication.
(…)
Logical credential examples: Password, PIN, Public Key Certificate
Physical credential examples: Biometrics, Certificates, Driving License, ID Card, Passport, SIM Card.
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/67633343
ACCOUNT TAKEOVER
Definition 1
An account takeover is a class of identity theft in which a perpetrator takes control of an existing identity of another entity without authorization. A common motivation for account takeover is to earn money by perpetrating fraud.
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1079050286
PRIVILEGE ABUSE
Definition 1
Privilege Abuse is a class of information security threat consisting of the intentional abusive use of effectively granted access permissions. It is a subclass of the insider threat.
It may be divided into two subclasses:
• Excessive Privilege Abuse: (…)
• Legitimate Privilege Abuse: (…)
The main motivations of threat actors for Privilege Abuse are (…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/814449037
ZOMBIE ACCOUNT
Definition 1
A zombie account is a fake digital identity that is controlled by an unauthorized entity.
(…)
Zombie accounts may typically proliferate on systems such as social networks where subscription is open to a large audience, where identities are not centrally verified and where zombie account managers may find an interest.
(…)
Detecting zombie accounts is difficult, and how difficult depends on the sophistication with which the zombie account manager manages them.
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/782893195
SEGREGATION OF DUTIES
Definition 1
SoD is a fundamental component of internal control. It is a class of control policy prescribing that two or more people are required to perform some operation in such a way as to prevent the perpetration or concealment of fraud or error, whether by commission or omission.
Its goal is to mitigate operational risks of misappropriation, destruction or waste of organizational assets by employees. It accomplishes this by making collusion between agents a necessary condition, thus effectively increasing the difficulty and risk of perpetrating or concealing fraud or error.
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1071185955
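The Segregation of Duties definition above, turned into checks a reviewer can run. This is an added example, not taken from the slides or from the TOME dictionary. The roles, duties, users, conflict pairs and event log are constructed sample data, and all function names are hypothetical. It shows three views of the same policy: who could act alone (static), who did act alone (from a log), and a preventive check at the moment a step is attempted.

```python
from collections import defaultdict

# Constructed sample data: every role, duty, user and operation id is hypothetical.
ROLE_DUTIES = {
    "ap_clerk": {"create_vendor", "enter_invoice"},
    "ap_manager": {"approve_payment"},
    "treasury": {"release_payment"},
    "it_admin": {"create_vendor", "approve_payment"},  # one role bundling both duties
}
USER_ROLES = {
    "alice": {"ap_clerk"},
    "bob": {"ap_manager"},
    "carol": {"ap_clerk", "ap_manager"},  # conflict through role accumulation
    "dave": {"it_admin"},
    "erin": {"treasury"},
}
# Pairs of duties that the policy forbids one person from combining.
CONFLICTS = [
    frozenset({"create_vendor", "approve_payment"}),
    frozenset({"enter_invoice", "approve_payment"}),
    frozenset({"approve_payment", "release_payment"}),
]
# Constructed log of (operation id, duty exercised, actor).
EVENTS = [
    ("PAY-1001", "enter_invoice", "alice"),
    ("PAY-1001", "approve_payment", "bob"),
    ("PAY-1001", "release_payment", "erin"),
    ("PAY-1002", "enter_invoice", "carol"),
    ("PAY-1002", "approve_payment", "carol"),  # same person entered and approved
    ("PAY-1002", "release_payment", "erin"),
]


def duties_of(user):
    """Union of the duties a user holds through all of their roles."""
    return set().union(*(ROLE_DUTIES[r] for r in USER_ROLES.get(user, ())))


def static_violations():
    """Users whose entitlements alone let them act without a second person.

    Returns {user: [sorted conflicting duty pairs]}.
    """
    result = {}
    for user in sorted(USER_ROLES):
        held = duties_of(user)
        hits = sorted(tuple(sorted(c)) for c in CONFLICTS if c <= held)
        if hits:
            result[user] = hits
    return result


def dynamic_violations(events):
    """Operations in which one actor actually performed two conflicting duties.

    Returns sorted (operation, actor, duty_a, duty_b) tuples.
    """
    done = defaultdict(set)  # (operation, actor) -> duties exercised
    for operation, duty, actor in events:
        done[(operation, actor)].add(duty)
    findings = []
    for (operation, actor), duties in done.items():
        for conflict in CONFLICTS:
            if conflict <= duties:
                findings.append((operation, actor, *sorted(conflict)))
    return sorted(findings)


def may_perform(operation, duty, actor, events):
    """Preventive check: deny a step if the actor lacks the duty or has
    already exercised a conflicting duty on the same operation."""
    if duty not in duties_of(actor):
        return False
    already = {d for op, d, a in events if op == operation and a == actor}
    return not any(duty in c and (c - {duty}) & already for c in CONFLICTS)


if __name__ == "__main__":
    print("static :", static_violations())
    print("dynamic:", dynamic_violations(EVENTS))
    print("carol may approve PAY-1002:",
          may_perform("PAY-1002", "approve_payment", "carol", EVENTS[:4]))
```

The static check flags dave even though he never exercised both duties, while the log check only flags carol: the two answer different audit questions and are usually run together.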
ROLE EXPLOSION
Definition 1
Role Explosion is a phenomenon that is sometimes observed in relation to the implementation of Role-Based Access Control. It is characterized by the uncontrolled increase of roles, sometimes with very few members per role. This phenomenon reduces the benefits yielded from Role-Based Access Control and may constitute a liability in extreme cases.
Possible causes of role explosion (…)
The consequences of role explosion (…)
Possible solutions to avoid role explosion (…)
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1152483772
AUTHORIZATION EXTERNALIZATION
Definition 1
Authorization Externalization is a software architectural design that consists of externalizing the authorization logic to a specialized and centralized system instead of implementing it within the application.
The key drivers for this architectural design are the reduction of the cost and complexity of software development and maintenance related to the authorization logic, and the improved scalability for application owners in consistently managing authorizations across numerous heterogeneous applications.
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1137573936
TRANQUILITY PROPERTY
Definition 1
Tranquility is a property that influences the security of systems.
Once a system state is demonstrated as statically secure, a difficulty is to further demonstrate that it is dynamically secure. Put differently, to demonstrate that given an initial secure state, subsequent state transitions always lead to a secure system. The tranquility property captures whether and how modifications in the security clearance level of subjects (e.g., people) and the security classification level of objects may take place in the system. It distinguishes three possible tranquility levels:
• Strong tranquility (…)
• Weak tranquility (…)
• No tranquility (…)
(…)
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1181876587
KEY LINKS
The homepage of the dictionary:
https://open-measure.atlassian.net/wiki/spaces/DIC
The homepage of the bibliography:
https://open-measure.atlassian.net/wiki/spaces/BIB
The LinkedIn feed to stay attuned:
https://www.linkedin.com/company/open-measure
HOW TO HELP?
Users: Use, promote and request new entries
Reviewers: Comment, critique, review, suggest
Authors: Research and develop entries
Patrons: Donate at: https://www.patreon.com/bePatron?u=27895661
Corpus IT
https://open-measure.atlassian.net
WHAT’S NEXT…
David Doret
https://www.linkedin.com/in/daviddoret/

More Related Content

Similar to The TOME Project: A Lexicographic Perspective on IAM

SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentityFredBrandonAuthorMCP
 
Handout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsHandout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsAmmar WK
 
An adaptive wideband delphi method to study state
An adaptive wideband delphi method to study stateAn adaptive wideband delphi method to study state
An adaptive wideband delphi method to study stateBhavana Raghupatruni
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
Implementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control PlanImplementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control PlanAngie Willis
 
pci compliance for dummies
pci compliance for dummiespci compliance for dummies
pci compliance for dummiesAmithap Krishnan
 
VulnerabilityRewardsProgram
VulnerabilityRewardsProgramVulnerabilityRewardsProgram
VulnerabilityRewardsProgramTaha Kachwala
 
Advanced Physical Access for Dummies HID Global Edition
Advanced Physical Access for Dummies HID Global EditionAdvanced Physical Access for Dummies HID Global Edition
Advanced Physical Access for Dummies HID Global EditionMichael Klein
 
Advanced Physical Access Control for Dummies
Advanced Physical Access Control for DummiesAdvanced Physical Access Control for Dummies
Advanced Physical Access Control for DummiesLiberteks
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsRedhuntLabs2
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 
[EMC] Source Code Protection
[EMC] Source Code Protection[EMC] Source Code Protection
[EMC] Source Code ProtectionPerforce
 
Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Osama Salah
 
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Investorideas.com
 

Similar to The TOME Project: A Lexicographic Perspective on IAM (20)

SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and Identity
 
Handout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsHandout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dips
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
An adaptive wideband delphi method to study state
An adaptive wideband delphi method to study stateAn adaptive wideband delphi method to study state
An adaptive wideband delphi method to study state
 
Web Security
Web SecurityWeb Security
Web Security
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
 
Implementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control PlanImplementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control Plan
 
pci compliance for dummies
pci compliance for dummiespci compliance for dummies
pci compliance for dummies
 
VulnerabilityRewardsProgram
VulnerabilityRewardsProgramVulnerabilityRewardsProgram
VulnerabilityRewardsProgram
 
5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack
 
DarkWeb
DarkWebDarkWeb
DarkWeb
 
Advanced Physical Access for Dummies HID Global Edition
Advanced Physical Access for Dummies HID Global EditionAdvanced Physical Access for Dummies HID Global Edition
Advanced Physical Access for Dummies HID Global Edition
 
Advanced Physical Access Control for Dummies
Advanced Physical Access Control for DummiesAdvanced Physical Access Control for Dummies
Advanced Physical Access Control for Dummies
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
 
[EMC] Source Code Protection
[EMC] Source Code Protection[EMC] Source Code Protection
[EMC] Source Code Protection
 
Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...
 
White Hat 6 March 2015 v2.2
White Hat 6 March 2015 v2.2White Hat 6 March 2015 v2.2
White Hat 6 March 2015 v2.2
 
White hat march15 v2.2
White hat march15 v2.2White hat march15 v2.2
White hat march15 v2.2
 
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
 

More from David Doret

IAM Performance Measurement and the Virtuous Circle of Process Maturity
IAM Performance Measurement and the Virtuous Circle of Process MaturityIAM Performance Measurement and the Virtuous Circle of Process Maturity
IAM Performance Measurement and the Virtuous Circle of Process MaturityDavid Doret
 
Measuring the Performance of IAM (SIGS Webinar - 2020)
Measuring the Performance of IAM (SIGS Webinar - 2020)Measuring the Performance of IAM (SIGS Webinar - 2020)
Measuring the Performance of IAM (SIGS Webinar - 2020)David Doret
 
Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...
Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...
Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...David Doret
 
Measuring the Performance of IAM (DACHSec 2020)
Measuring the Performance of IAM (DACHSec 2020)Measuring the Performance of IAM (DACHSec 2020)
Measuring the Performance of IAM (DACHSec 2020)David Doret
 
David doret (2019) SIGS IAM Conference: Revisiting IAM Foundations
David doret (2019) SIGS IAM Conference: Revisiting IAM FoundationsDavid doret (2019) SIGS IAM Conference: Revisiting IAM Foundations
David doret (2019) SIGS IAM Conference: Revisiting IAM FoundationsDavid Doret
 
Infographic - A conceptual graph of access control (2018)
Infographic - A conceptual graph of access control (2018)Infographic - A conceptual graph of access control (2018)
Infographic - A conceptual graph of access control (2018)David Doret
 
A conceptual graph of the problem frame and reference model concepts (2018)
A conceptual graph of the problem frame and reference model concepts (2018)A conceptual graph of the problem frame and reference model concepts (2018)
A conceptual graph of the problem frame and reference model concepts (2018)David Doret
 
Infographic - A conceptual graph of the reference model concept (2018)
Infographic - A conceptual graph of the reference model concept (2018)Infographic - A conceptual graph of the reference model concept (2018)
Infographic - A conceptual graph of the reference model concept (2018)David Doret
 
Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...
Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...
Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...David Doret
 
David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...
David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...
David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...David Doret
 

More from David Doret (10)

IAM Performance Measurement and the Virtuous Circle of Process Maturity
IAM Performance Measurement and the Virtuous Circle of Process MaturityIAM Performance Measurement and the Virtuous Circle of Process Maturity
IAM Performance Measurement and the Virtuous Circle of Process Maturity
 
Measuring the Performance of IAM (SIGS Webinar - 2020)
Measuring the Performance of IAM (SIGS Webinar - 2020)Measuring the Performance of IAM (SIGS Webinar - 2020)
Measuring the Performance of IAM (SIGS Webinar - 2020)
 
Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...
Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...
Measuring the Performance of IAM (KuppingerCole - Identity Fabrics & the Futu...
 
Measuring the Performance of IAM (DACHSec 2020)
Measuring the Performance of IAM (DACHSec 2020)Measuring the Performance of IAM (DACHSec 2020)
Measuring the Performance of IAM (DACHSec 2020)
 
David doret (2019) SIGS IAM Conference: Revisiting IAM Foundations
David doret (2019) SIGS IAM Conference: Revisiting IAM FoundationsDavid doret (2019) SIGS IAM Conference: Revisiting IAM Foundations
David doret (2019) SIGS IAM Conference: Revisiting IAM Foundations
 
Infographic - A conceptual graph of access control (2018)
Infographic - A conceptual graph of access control (2018)Infographic - A conceptual graph of access control (2018)
Infographic - A conceptual graph of access control (2018)
 
A conceptual graph of the problem frame and reference model concepts (2018)
A conceptual graph of the problem frame and reference model concepts (2018)A conceptual graph of the problem frame and reference model concepts (2018)
A conceptual graph of the problem frame and reference model concepts (2018)
 
Infographic - A conceptual graph of the reference model concept (2018)
Infographic - A conceptual graph of the reference model concept (2018)Infographic - A conceptual graph of the reference model concept (2018)
Infographic - A conceptual graph of the reference model concept (2018)
 
Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...
Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...
Infographic - The goal of Role-Based Access Control (RBAC) in the context of ...
 
David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...
David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...
David Doret (2019) IDM Conference, London, IAM - Getting the basics right - R...
 

Recently uploaded

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 

The TOME Project: A Lexicographic Perspective on IAM

  • 1. The TOME Project A Lexicographic Perspective on IAM By David Doret March 2021 Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License. T O M E easure he pen ncyclopedia
  • 2. (HIDDEN) AGENDA Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License. • Brainwashing on the importance of terms accuracy in the IAM field • The TOME Project • Sample Dictionary Entries • What’s Next, Q&As
  • 3. IS IAM A FIELD OF SPECIAL KNOWLEDGE OR EXPERTISE? YES Short answer: Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
  • 4. IS IAM A FIELD OF SPECIAL KNOWLEDGE OR EXPERTISE? Short answer: YES. 60+ years of academic research and industrial innovation. A vibrant community of researchers, products & services vendors, analysts and field professionals.
  • 5. DO WE HAVE AN ACCURATE IAM TERMINOLOGY? Short answer: NO
  • 6. DO WE HAVE AN ACCURATE IAM TERMINOLOGY? Short answer: NO. We have fragmented handiwork composed of piecemeal definitions and patchworked lexicons and standards.
  • 7. HOW IMPORTANT IS HAVING AN ACCURATE IAM VOCABULARY? Short answer: Vital. Your IAM Project Communication Misunderstandings
  • 8. HOW IMPORTANT IS HAVING AN ACCURATE IAM VOCABULARY? Short answer: Vital. Your IAM Project Communication Misunderstandings. Think of: • Performance Benchmarking • Stakeholders Management • Product & Services Design • Professional Services • Academic Research • Coaching • Training
  • 9. THE TOME PROJECT… TOME: The Open Measure Encyclopedia
  • 10. WHAT IS THE TOME PROJECT? Non-profit Association, Wiki, Bibliography, Dictionary, Perpetually Free, Agnostic, Collaborative, Methodology, Community (700+), Corpus. Find out more and contribute at: https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1056014337/Methodology
  • 11. WHAT IS A GOOD DEFINITION? • Neutral (not emotional) • Consensual • Necessarily imperfect • Iterative • As accurate as possible • Intensional (with an “s”) • Visual • Supported with samples • Linked to related terms • Inferred from a corpus of authoritative sources • Substantiated with bibliographic references. Find out more and contribute at: https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1056014337/Methodology
  • 12. DICTIONARY ENTRY TEMPLATE. Find out more and contribute at: https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1056014337/Methodology
  • 13. ENOUGH THEORY: SAMPLE ENTRIES… TOME: The Open Measure Encyclopedia
  • 14. CREDENTIAL. Definition 1: A data structure that is a collection of identity attributes and assertions that vouches for the identity of an entity through some method of trust and authentication. (…) Logical credential examples: Password, PIN, Public Key Certificate. Physical credential examples: Biometrics, Certificates, Driving License, ID Card, Passport, SIM Card. (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/67633343
  • 15. ACCOUNT TAKEOVER. Definition 1: An account takeover is a class of identity theft that consists of a perpetrator taking control of an existing identity of another entity without authorization. A common motivation for account takeover is to earn money by perpetrating fraud. (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1079050286
  • 16. PRIVILEGE ABUSE. Definition 1: Privilege Abuse is a class of information security threat consisting in an intentional abusive usage of effectively granted access permissions. It is a subclass of the insider threat. It may be divided into two subclasses: • Excessive Privilege Abuse: (…) • Legitimate Privilege Abuse: (…) The main motivations of threat actors for Privilege Abuse are (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/814449037
  • 17. ZOMBIE ACCOUNT. Definition 1: A zombie account is a fake digital identity that is controlled by an unauthorized entity. (…) Zombie accounts may typically proliferate on systems such as social networks where subscription is opened to a large audience, where identities are not centrally verified and where zombie account managers may find an interest. (…) The detection of zombie accounts is difficult, depending on the sophistication of their management by the zombie account manager. (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/782893195
  • 18. SEGREGATION OF DUTIES. Definition 1: SoD is a fundamental component of internal control. It is a class of control policy prescribing that two or more people are required to perform some operation in such a way as to prevent the perpetration or concealment of fraud or error, whether by commission or omission. Its goal is to mitigate operational risks of misappropriation, destruction or waste of organizational assets by employees. It accomplishes this by making collusion between agents a necessary condition, thus effectively increasing the difficulty and risk of perpetrating or concealing fraud or error. (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1071185955
  • 19. ROLE EXPLOSION. Definition 1: Role Explosion is a phenomenon that is sometimes observed in relation to the implementation of Role-Based Access Control. It is characterized by the uncontrolled increase of roles, sometimes with very few members per role. This phenomenon reduces the benefits yielded from Role-Based Access Control and may constitute a liability in extreme cases. Possible causes of role explosion (…) The consequences of role explosion (…) Possible solutions to avoid role explosion (…) (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1152483772
  • 20. AUTHORIZATION EXTERNALIZATION. Definition 1: Authorization Externalization is a software architectural design that consists in externalizing the authorization logic to a specialized and centralized system instead of implementing it within the application. The key drivers for this architectural design are the reduction of the cost and complexity of software development and maintenance related to the authorization logic, and the improved scalability for application owners in consistently managing authorizations across numerous heterogeneous applications. (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1137573936
  • 21. TRANQUILITY PROPERTY. Definition 1: Tranquility is a property that influences the security of systems. Once a system state is demonstrated as statically secure, a difficulty is to further demonstrate that it is dynamically secure. Put differently, to demonstrate that given an initial secure state, subsequent state transitions always lead to a secure system. The tranquility property captures if and how modifications in the security clearance level of subjects (e.g., people) and the security classification level of objects may take place in the system. It distinguishes three possible tranquility levels: • Strong tranquility (…) • Weak tranquility (…) • No tranquility (…) (…) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1181876587
  • 22. KEY LINKS. The homepage of the dictionary: https://open-measure.atlassian.net/wiki/spaces/DIC The homepage of the bibliography: https://open-measure.atlassian.net/wiki/spaces/BIB The LinkedIn feed to stay attuned: https://www.linkedin.com/company/open-measure
  • 23. HOW TO HELP? Users: Use and promote and request new entries. Reviewers: Comment, critique, review, suggest. Authors: Research and develop entries. Patrons: Donate at: https://www.patreon.com/bePatron?u=27895661 Corpus IT https://open-measure.atlassian.net
  • 24. WHAT’S NEXT… David Doret https://www.linkedin.com/in/daviddoret/