10.01.2022

Identity and Access Management (IAM) today requires particular care in the prioritization of processes governing the controlled access of users to critical resources of their companies. These requirements are changing with the emergence of new security threats. Consequently, the demand for modern technologies supporting IAM is growing. What awaits us soon?

IAM systems and their role

As we mentioned in the introduction, identity and access management IAM enables active control of user access to critical resources in their organizations. Thanks to IAM, administrators can define the scopes of access to systems or networks. They take into account the roles assigned to individual users. IAM records user login information. Thanks to them, access rights are allocated and removed, and their databases are maintained. 

Control over user access reduces the risk of internal and external data breaches. In turn, automation of IAM systems allows companies to operate more efficiently. As in all areas, new trends are emerging in the IAM area.

behavioral-biometrics
Biometric identification in IAM is – in many cases – treated as a replacement for passwords.

SSO and Keycloak.X

Single Sign-On (SSO) allows for fast, secure, and seamless access to online services with a single login of the user’s choice. Single sign-on eliminates the need to manage multiple credentials. The most popular solution in use today is Keycloak, an open-source identity and access management tool for modern applications and services. 

Developmental changes are affecting this product as well. Keycloak.X, which will be released any moment, is expected to be lighter, faster, easier, more scalable, and more cloud-native, according to its developers. Keycloak.X vs. Keycloak is not just a change of code. Also a cultural shift, focusing much more on user experience and delivering a manageable solution over simple code snippets.

The change key will be the move from WildFly to Quarkus. The developers are providing six months for migration.

Self-Sovereign Identity (SSI)

Implementation of this system has been in the works for several years. Self-Sovereign Identity (SSI) is the term used to describe the concept that an individual – just as in the physical world as in the digital world – should own and control identity without the intervention of external authorities. SSI technologies affect the decentralization of identity creation, its attestation, and verification. Identity management directly by the user is, according to many, not too distant future.

Support for artificial intelligence (AI)

The development of IT infrastructure and the number of operations it supports make its management – also in the field of access control – more and more difficult. However, artificial intelligence (AI) and machine learning (ML), is already being used to improve efficiency and automate processes. This trend is sure to expand. 

Blockchain

As defined, blockchain is a chain of blocks. With a shared, immutable register that facilitates the documentation of transactions, both tangible and intangible resources. In the case of IAM, blockchain can be used as an identity verification tool. Confirm the relationship between an individual and their digital identity, and for identity management.

Behavioral biometrics

Biometric identification in IAM is – in many cases – treated as a replacement for passwords. However, biometric databases are not free from breaches. The solution is adaptive biometrics. It integrates biometric identifiers into a continuous authentication model. Instead of static data such as a fingerprint or facial or eye scan, the IAM solution uses behavioral biometrics. Dynamic data such as finger pressure, voice modulation, or eye movement patterns. Each person has unique behaviors that distinguish him/her. And these differentiators are used by IAM systems.

Newsletter