We may synchronize the Digital Identity from one repository to another. Most Organizational Entities probably use several methods to do this, ranging from Perl scripts to sophisticated IDM vendor products.
Well, it is now 2017 and we have better, safer methods available.
Today an Organizational Entity must implement a dynamic IAM solution that serves employees, customers, partners and devices, regardless of location. This is the evolution of IAM to Identity Relationship Management (IRM).
As customers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and Access Control tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
This shift in business emphasis has a direct technical impact on how we think about identity and Access Control. As a result, we need to take into account the following business-focused pillars when choosing an IRM solution:
- CONSUMERS AND THINGS over employees
- ADAPTABLE over predictable
- TOP LINE REVENUE over operating expense
- VELOCITY over process
- INTERNET SCALE over enterprise scale
- DYNAMIC INTELLIGENCE over static intelligence
- BORDERLESS over perimeter
- MODULAR over monolithic
We need to establish our security infrastructure on protocols and standards that have been peer-reviewed and are seeing market adoption.
For a long time, the lack of such standards was the main impediment for large organizations wanting to adopt RESTful APIs in earnest. This is no longer the case since the advent of the Neo-Security Stack:
- Authentication - OpenID Connect / FIDO
- Provisioning - SCIM
- Identity - JSON Identity Suite
- Federation - OpenID Connect / SAML
- Delegated Access - OAuth 2.0 / User-Managed Access
- Authorization - XACML