Identity Security Glossary

These definitions align with standards from NIST and ISO/IEC 27001. Visit our Industry Resources page for comprehensive external references.

ABAC
Attribute-Based Access Control - An access control paradigm in which access rights are granted to users through policies that combine attributes.
Biometrics
The automated recognition of individuals based on their biological and behavioral characteristics.
Federation
The practice of linking multiple identity management systems to enable single sign-on across different domains.
IAM
Identity and Access Management - The security discipline that enables the right individuals to access the right resources at the right times for the right reasons.
IGA
Identity Governance and Administration - The organizational processes for maintaining and auditing access controls.
JIT
Just-In-Time Access - A method of granting access rights for a limited time period to minimize the attack surface.
JEA
Just Enough Administration - A security technology that provides least-privilege access for administrative tasks in Windows environments.
Kerberos
A network authentication protocol that uses tickets to allow nodes communicating over a non-secure network to prove their identity to one another.
LDAP
Lightweight Directory Access Protocol - A protocol for accessing and maintaining distributed directory information services over an Internet Protocol network.
MFA
Multi-Factor Authentication - A security system that requires more than one method of authentication from independent categories of credentials.
OAuth
An open standard for access delegation, commonly used as a way for users to grant websites or applications access to their information on other websites without giving them passwords.
PAM
Privileged Access Management - A solution that helps organizations secure, manage, and monitor access to critical systems by privileged users.
RBAC
Role-Based Access Control - A method of restricting access to resources based on the roles assigned to users within an organization.
SAML
Security Assertion Markup Language - An XML-based open standard for exchanging authentication and authorization data between parties.
SSO
Single Sign-On - An authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems.
XDR
Extended Detection and Response - A security solution that provides comprehensive threat detection, investigation, and response across multiple security layers and data sources.
Zero Trust
A security framework requiring all users, whether in or outside the organization's network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.