Identity and Access Management Terms
15 Flashcards
Federated Identity
A system in which multiple independent systems cooperatively support a common identity, or set of identities, for the user. Example: Using a corporate login to access cloud services provided by different vendors.
Least Privilege
A principle that users should be granted the minimum levels of access – or permissions – needed to perform their job functions. Example: A user account on a computer system that can only modify its own files and not the files of other users.
Single Sign-On (SSO)
An authentication process that allows a user to access multiple applications with one set of login credentials. Example: Logging into a Google account once to access Gmail, Drive, and Calendar.
Privilege Escalation
The act of exploiting a bug, design flaw, or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. Example: A hacker gaining admin rights through a flaw in software.
Access Control
A security technique that regulates who or what can view or use resources in a computing environment. Example: An electronic key card granting entry to a locked building.
Identity Provider (IdP)
A system that creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network. Example: Active Directory, which provides identities for users within an organization.
Security Token
A physical or digital device that provides two-factor authentication for a user to prove their identity in a secure way. Example: A USB hardware token that generates a one-time password for access to a network.
Role-Based Access Control (RBAC)
An approach to restricting system access to authorized users based on their role within an organization. Example: An HR employee having access privileges to employee records but not to financial records.
Privileged Access Management (PAM)
The monitoring and protection of privileged access to critical assets to ensure that users are not misusing their elevated permissions. Example: Restricting and tracking the activity of administrators who have the ability to change system settings.
Password Policy
The rules designed to improve computer security by encouraging users to employ strong passwords and use them properly. Example: A policy requiring passwords to be at least eight characters long, include numbers, and not be commonly used or easily guessed.
Biometrics
The use of physical or behavioral human characteristics as a form of identification and access control. Example: Using a fingerprint or facial recognition to unlock a smartphone.
Two-Factor Authentication (2FA)
A security process in which the user provides two different authentication factors to verify themselves. Example: Entering a password and then entering a code received on a mobile phone.
Access Control List (ACL)
A table that tells a computer operating system which access rights each user or user group has to a specific system object, like a file directory or individual file. Example: A file system ACL that specifies which users can read or write to a file.
Authentication
The process of verifying the identity of a user, device, or other entity in a computer system, usually as a prerequisite to granting access to resources in the system. Example: Entering a username and password to log in to an email account.
Authorization
The process of determining whether a user, program, or device has the right to perform a specific action within a system. Example: A database management system may authorize a user to edit data but not to delete it.
© Hypatia.Tech. 2024 All rights reserved.