Identity-based security is an approach to control access to a digital product or service based on the authenticated identity of an individual. This allows organizations to grant access to specific users to access a variety of digital services using the same credentials, ensuring the accurate match between what users are entitled to and what they actually receive while also permitting other access constraints such as company, device, location and application type (attributes). Underpinning the identity-based security approach is the Identity-Based Access Control (IBAC), (or identity-based licensing) concept.
NIST defines identity-based security policies as policies “based on the identities and/or attributes of the object (system resource) being accessed and of the subject (user, group of users, process, or device) requesting access.”
Some of the advantages of the identity-based security approach include the ability to exercise very fine-grained control over who is allowed to use which services and which functions those users can perform, and that it is device-agnostic, offering the possibility to enforce access control policy across a variety of devices, such as smartphones, tablets, and PCs.
For more information on how Modern Edge Technologies can build the right Access Control solution for your business, visit our solution page or call us for a consultation.