Identity fabric definition
Identity fabric is a centralized system designed to securely manage user identities and control system access within an organization. It serves as one central platform that handles user identity authentication, authorization, and management. The identity fabric framework aims to provide an efficient way to protect information at the application layer.
See also: zero trust
What the identity fabric framework entails
- Authentication — Verification of users through passwords, biometrics, or multi-factor authentication.
- Identity federation — Allowing users to use their existing identities from external identity providers (e.g., integrate social media accounts).
- Identity management and administration — Tools and interfaces for creating new identities, updating user attributes, and managing roles and permissions.
- Authorization and access control — Determining user access rights and permissions based on their assigned roles or other defined criteria.
- Single sign-on (SSO) — Access to multiple systems or services with a single set of credentials.
- Security and privacy — Incorporating security measures to protect user identities and sensitive information (for example, encryption).
Identity fabric vs. zero trust
Identity fabric and zero-trust approaches are used in resource management.
- Core principle. While identity fabric revolves around centralized identity management, authentication, and access control, zero trust assumes that no user or device should be inherently trusted. With zero trust, users need to verify and validate every access request, regardless of the user’s location.
- Implementation. Identity fabric is implemented through a centralized platform or infrastructure that manages user identities and access control. It often integrates with existing systems and applications to provide a unified identity management experience. On the other hand, zero trust is implemented through a combination of security principles, technologies, and best practices. It involves implementing robust authentication methods, granular access controls, network segmentation, and continuous monitoring and analysis of user and device behavior.
Where identity fabric can be used
- Enterprise identity and access management (IAM).
- Cloud identity management.
- Customer identity and access management (CIAM).
- Federated identity management.