|
1 |
Analysis of Identity and Access Management alternatives for a multinational information-sharing environment
Ishaq Azhar Mohammed
Abstract: The main aim of this paper is to explore how Identity and Access Management (IAM) alternatives work in a multinational information-sharing environment work that for instance the Department of Defense. Every nation in the twenty-first century must make choices about how to best use contemporary technology to maximize advantages while minimizing consequences. The Department of Defence, for instance, must be able to quickly exchange information with its allies while at the same time limiting unauthorized exposure or cyberattacks [1]. However, although these cyberattacks represent a danger to the national security of the United States, the appropriate use of cyberspace may result in many advantages for all parties involved. The purpose of this paper is to get an understanding of how the Department of Défense maintains its IAM resources whilst reconciling the need to share information with the obligation to secure from unauthorized access. IAM is not a single process or technology, but rather a complex collection of systems and services operating according to many rules and organizations [1]. The DoD has many benefits in delivering IAM capabilities at the DoD level, particularly uniformity in the way in which services are delivered, better security, cost savings, and allocation by creating a specific, distinct digital identity. IAM is also essential to convert the Zero Trust (ZT) framework into a contemporary data-centered identity access management system. To achieve these benefits, DoD IAM solutions must serve both DoD's internal community and DoD's operational participants, offer gateways that are useful for Component Information Systems, as well as eliminate gaps in ICAM infrastructure support. The IAM supports the centralization of identity and credentials, encompassing management of attributes, credentials, and revocation. Additionally, the ICAM RD provides standardized authentication and authorization procedures and protocols. Considerations on the access of persons and non-personal entities (NPE), which demand access to information, should be primarily governed by local administrations, who understand the significance of protecting the sharing of information [2].
|
Download
|