A security database is a persistent data store on a system or application that enumerates:
- The accounts, representing user identities, which may sign into that system or application.
- The credentials that users must supply in order to authenticate to the system or application.
- The security entitlements determine what actions or data users are authorized to perform or access once signed in.
While many systems and applications include an embedded security database, others can reference the same information in an external directory or may accept assertions from a federated access management system. External systems are preferred since they can be shared by multiple systems and applications and so less management is required, policy is easier to enforce, users must remember fewer credentials, etc.