Identity management and access governance is defined as a shared platform and consistent
processes for managing information about users: who they are, how they
are authenticated and what they can access.
Identity and access management (IAM) systems address a set of
core business challenges:
The Hitachi ID Identity and Access Management Suite is designed as identity management and access governance middleware,
in the sense that it presents a uniform user interface and a
consolidated set of business processes to manage user objects,
identity attributes, security rights and credentials
across multiple systems and platforms. This is illustrated in
the figure "Hitachi ID Suite Overview: Identity Middleware".
The Hitachi ID Suite includes several functional identity management and access
- Hitachi ID Identity Manager -- User provisioning, RBAC, SoD and access certification.
  - Automated propagation of changes to user profiles, from systems
    of record to target systems.
  - Workflow, to validate, authorize and log all security change requests.
  - Automated, self-service and policy-driven user and entitlement management.
  - Federated user administration, through a SOAP API to a
    user provisioning fulfillment engine.
  - Consolidated access reporting.

  Identity Manager includes the following additional features, at no extra charge:
  - Hitachi ID Access Certifier -- Periodic review and cleanup of security entitlements.
    - Delegated audits of user entitlements, with certification by
      individual managers and application owners, roll-up of
      results to top management and cleanup of rejected security
  - Hitachi ID Group Manager -- Self-service management of security group membership.
    - Self-service and delegated management of user
      membership in Active Directory groups.
  - Hitachi ID Org Manager -- Delegated construction and maintenance of Orgchart data.
    - Self-service construction and maintenance of data about
      lines of reporting in an organization.
- Hitachi ID Password Manager -- Self-service management of passwords, PINs and encryption keys.
  - Password synchronization.
  - Self-service and assisted password reset.
  - Enrollment and management of other authentication
    factors, including security questions, hardware tokens,
    biometric samples and PKI certificates.

  Password Manager includes the following additional features, at no extra charge:
  - Hitachi ID Login Manager -- Automated application logins.
    - Automatically sign users into systems and applications.
    - Eliminate the need to build and maintain a credential
      repository, using a combination of password synchronization
      and artificial intelligence.
  - Hitachi ID Telephone Password Manager -- Telephone self-service for passwords and tokens.
    - Turn-key telephony-enabled password reset, including
      account unlock and RSA SecurID token management.
    - Numeric challenge/response or voice print authentication.
    - Support for multiple languages.
- Hitachi ID Privileged Access Manager -- Secure administrator and service accounts.
  - Periodically randomize privileged passwords.
  - Ensure that IT staff access to privileged accounts is
    authenticated, authorized and logged.

Group Manager is available both as a stand-alone product and
as a component of Identity Manager.
The relationships between the Hitachi ID Suite components are illustrated in
the figure "Components of the Hitachi ID Suite".