Overview#Credential Management is the management of Credentials.
- Credential Enrollment
- Credential Issuance
- Credential Reset or Credential Recovery
- Credential Suspension
- Credential Revocation
- Attackers that can gain control of your Credential Management system can issue credentials that make them an insider, potentially with privileges to compromise systems undetected.
- Compromised Credential Management processes result in the need to re-issue credentials, which can be an expensive and time-consuming process.
- Business application owners’ expectations around security and Trust Models are rising, and can expose Credential Management as a weak link that may jeopardize compliance claims.
These Credentials are secrets and may consist of:
- passwords - for which we have Password Management
- Private Keys - which we really have no real standard for Credential Management, perhaps Secure Element?
- Certificates - which we have maybe Public Key Infrastructure; but that does not provide storage of Private Keys
- Universal Second Factor - Which has no standard for Credential Management
- Biometric Templates - Typically, these
No Recovery#Any Authentication Method (or Authentication Factor) without a Credential Management that includes Credential Recovery, requires the replacement of the Credential.
More Information#There might be more information for this subject on one of the following:
- Biometric Data Challenges
- Credential Recovery
- Password Management
- Universal Second Factor Challenges
- W3C Credential Management API
- [#1] - Federal Identity, Credential, and Access Management Architecture - based on information obtained 2017-04-02-