Overview#

Credential Management is the management of Credentials.

Credential Management is the set of practices that an Credential Service Provider uses to:[1]

credentials for identities within their context and amongst any Federation partners

Risks with Credential Management#

  • Attackers that can gain control of your Credential Management system can issue credentials that make them an insider, potentially with privileges to compromise systems undetected.
  • Compromised Credential Management processes result in the need to re-issue credentials, which can be an expensive and time-consuming process.
  • Business application owners’ expectations around security and Trust Models are rising, and can expose Credential Management as a weak link that may jeopardize compliance claims.

These Credentials are secrets and may consist of:

No Recovery#

Any Authentication Method (or Authentication Factor) without a Credential Management that includes credential recovery, requires the replacement of the Credential.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-5) was last changed on 02-Apr-2017 09:32 by jim