This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)(Learn how and when to remove this template message)
Identity-based security is an approach to control access to a digital product or service based on the authenticated identity of an individual. This allows organizations to grant access to specific users to a variety of digital services using the same credentials, ensuring the accurate match between what users are entitled to and what they actually receive, while also permitting other access constraints such as company, device, location and application type (attributes). Underpinning the identity-based security approach is the identity-based access control (IBAC) (or identity-based licensing) concept.
NIST defines identity-based security policies as policies "based on the identities and/or attributes of the object (system resource) being accessed and of the subject (user, group of users, process, or device) requesting access."
Some of the advantages of the identity-based security approach include the ability to exercise very fine-grained control over who is allowed to use which services and which functions those users can perform, and that it is device-agnostic, offering the possibility to enforce access control policy across a variety of devices, such as smartphones, tablets, and PCs.
- Attribute-based access control
- Federated identity
- Identity-based conditional proxy re-encryption
- Identity driven networking
- Identity management system
- Network security
- Self-sovereign identity
- "Identity and Access Management: Pillars for effective Personalisation" (PDF). 10duke.com. 2016-02-08. Archived (PDF) from the original on 2017-07-05. Retrieved 2017-11-14.
- Linthicum, David (2014). "Analyst Report: Identity-based security and the cloud". Gigaom. Archived from the original on 2016-06-24. Retrieved 2017-11-14.
- "Glossary: Identity-Based Access Control". Computer Security Resource Center. NIST. Retrieved 2017-11-14.
- "What is identity-based licensing?". 10duke.com. 2016-02-02. Archived from the original on 2017-11-14. Retrieved 2017-11-14.
- "Adobe Flash Media Rights Management Server 1.0 Overview for Microsoft Windows, Linux, and UNIX" (PDF). Workflows - Identity-based licensing. Adobe Systems. 2008-05-01. Archived (PDF) from the original on 2017-08-29. Retrieved 2017-11-14.
- SP 800-33 - Underlying Technical Models for Information Technology Security, Gary Stoneburner, p. 21, December 2001, NIST Computer Security Publications - NIST Special Publications (SPs), doi:10.6028/NIST.SP.800-33. Retrieved 4 April 2017.
- Enrico, Sabbadin (2003-12-23). ".NET Identity and Principal Objects". informIT. Pearson Education. Archived from the original on 2017-11-14. Retrieved 2017-11-14.
- Powell, James E. (2012-07-16). "Q&A: Addressing BYOD with Identity-Based Security". Enterprise Systems Journal. Archived from the original on 2017-11-14. Retrieved 2017-11-14.