Identity and Access Management 101

Identity and access management 101Welcome to identity and access management (IAM) 101, where we’ll cover the history and value of the IAM market. For many years, identity management has been largely a sleeping industry – important, but mostly out of the spotlight. Over the last few years, though, there has been tremendous innovation in the identity and access management sector.

Identity and Access Management 101: LDAP

IAM 101 could be said to start in the early 1960s, when Fernando Corbato invented the first computer password at MIT. But the spark that kicked off the modern era of identity and access management that we know was the creation of the Lightweight Directory Access Protocol (LDAP) in the early 1990s. Developed in the early 1990s by JumpCloud advisor Tim Howes and others at the University of Michigan, the Lightweight Directory Access Protocol was designed to be a lightweight version of the X.500 directory services protocols that were being implemented at the time.

Many organizations began leveraging the LDAP protocol with username and password information as well as a variety of other attributes (such as address, telephone number, group, etc). Due to its capacity to authenticate and authorize user access, the LDAP protocol became a core directory service protocol for the Internet.

The LDAP protocol would go on to serve as the cornerstone for two key innovations in the IAM marketplace – Microsoft® Active Directory® (AD) and OpenLDAP™. Both of these on-prem identity providers (IdPs) were brought about in the late 1990s and quickly became foundational in the IAM realm.

The Rise and Fall of Active Directory

What is Active DriectoryAt the time when AD and OpenLDAP were introduced, the vast majority of IT infrastructures were a network of Windows®-based resources. Not surprisingly, Microsoft Active Directory became a dominant force in the directory services space. Given an environment that was entirely Windows, with on-prem servers and software, IT admins couldn’t imagine a more time and cost efficient identity provider.

But as time went on and the IT landscape evolved, AD’s Microsoft-centric approach became a limiting factor. New types of IT resources emerged, such as web (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Katelyn McWilliams. Read the original post at: