Identity and access management (IAM) software may perform one of a series of functional elements in an overall IAM system.



Main benefit

Example product(s)

Consolidated record of all users and identifying information. May also be used to authenticate users and define authorizations.

Simplified administration (extracted from application silos).

Microsoft Active Directory, Oracle Internet Directory.
Virtual directory

Present a single LDAP view of multiple data sources

Enable applications that can only leverage a single directory to actually interoperate with systems that must be kept current for organizational or other reasons.

Radiant Logic
Password management

Synchronize and reset passwords across multiple applications.

Improve user experience, lower support call volume, improve strength of authentication

Hitachi ID Password Manager
Self-service credential management

Allow users to resolve problems with passwords, one time password tokens, smart cards, security questions, drive encryption keys, etc.

Lower IT support cost and close "social engineering" attacks against login processes.

Hitachi ID Password Manager
Enterprise single sign-on

Automatically inject login IDs and passwords into applications on a PC or laptop.

Improve user service.

Hitachi ID Login Manager
Web single sign-on

Intercept login attempts to web applications. Redirect unauthenticated users to a login page and inject credentials on behalf of already-authenticated users.

Improve user service. Ensure consistently strong authentication. Enable shared authorization and audit across applications.

OpenSSO, Jasig CAS
Federated login

Authenticate a user in one domain and hand credentials and other information about the user to an application in another domain.

Reduced authentication burden for users and administration for IT.

OpenSAML, Shibboleth
Identity and access management

Create, modify and delete users; set identity attributes and manage user membership in security groups across a variety of systems.

Faster onboarding, more reliable deactivation, ensure user rights are appropriate, simplify change management.

Hitachi ID Identity Manager
Access certification

Periodically review and correct user entitlements.

Identify and eliminate stale logins and entitlements.

Hitachi ID Access Certifier
Privileged access management

Find, secure and control access to administrator, application and service accounts.

Eliminate shared, static passwords on the most powerful login IDs.

Hitachi ID Privileged Access Manager
Attribute based access control

Externalize decision logic about what users can access from applications to a shared infrastructure

Faster application development, more flexible and reliable authorization rules.

Axiomatics, Bitkoo

Return to Identity Management Concepts