MBProMax

internet2 · May 14, 2023 · b8744ff · b8744ff
1 parent 035f76a
commit b8744ff
Showing 3 changed files with 124 additions and 45 deletions.
diff --git a/.DS_Store b/.DS_Store
diff --git a/iam-func-list.adoc b/iam-func-list.adoc
@@ -0,0 +1,76 @@
+=== IAM Functions List
+
+- - -
+
+*User Management, User Concerns*
+
+identity registration, enrollment
+idp discovery and selection
+idp of last resort
+identity proofing
+credentialing
+credential binding 
+account validation
+attribute verification
+identity resolution
+support for multiple accounts (and credentials in some cases) for a single identified person
+
+self-service identity management 
+password management 
+profiling
+progressive profiling
+user preferences 
+account linking
+consent and privacy protection
+
+
+- - -
+
+*Native IAM Capabilities*
+
+multiple AuthN sources and services, (local SSO, social, federated, protocol gateways)
+password and MFA management
+
+access policy management (coarse and fine grained)
+access mgmt admin (distributable)
+request/approval processes
+access to services
+lifecycle transitions definition, admin, and automation
+service accounts
+apps, services as credentialed agents for invoking other services, apis
+
+api specification, design, documentation, style guidelines
+api access to all IAM functionality
+api authNZ
+api registry, gateway
+
+session management and logout
+provisioning, deprovisioning
+messaging and api integration with connected apps & services, app integration generally
+batch reconciliation, 
+near real time sync between registry and connected systems
+auditing, logging, reporting, attestation, compliance support
+service provider onboarding and configuration
+
+
+- - -
+
+*Data Management*
+
+directory services
+IAM data dictionary
+identity and entitlement data access
+
+
+- - -
+
+*Deployment Models*
+
+on-prem, cloud, hybrid, hosted
+
+
+- - -
+
+*The ...ities*
+
+scalability, reliability, performance, security, maintainability, other ...ities
diff --git a/iam-functions-list.adoc b/iam-functions-list.adoc
@@ -1,72 +1,75 @@
-=== IAM Functions List
+=== IAM Functions List
 
 - - -
 
 *User Management, User Concerns*
 
-identity registration, enrollment +
-idp discovery and selection +
-idp of last resort +
-identity proofing +
-credentialing +
-credential binding + 
-account validation +
-attribute verification +
-identity resolution +
-support for multiple accounts (and credentials in some cases) for a single identified person +
-
-self-service identity management + 
-password management + 
-profiling +
-progressive profiling +
-user preferences + 
-account linking +
-consent and privacy protection +
+identity registration, enrollment
+idp discovery and selection
+idp of last resort
+identity proofing
+credentialing
+credential binding 
+account validation
+attribute verification
+identity resolution
+support for multiple accounts (and credentials in some cases) for a single identified person
+
+self-service identity management 
+password management 
+profiling
+progressive profiling
+user preferences 
+account linking
+consent and privacy protection
 
 
 - - -
 
 *Native IAM Capabilities*
 
-multiple AuthN sources and services, (local SSO, social, federated, protocol gateways) +
-password and MFA management +
-
-access policy management (coarse and fine grained) +
-access mgmt admin (distributable) +
-request/approval processes +
-access to services +
-lifecycle transitions definition, admin, and automation +
-service accounts +
-apps, services as credentialed agents for invoking other services, apis +
-
-api specification, design, documentation, style guidelines +
-api access to all IAM functionality +
-api authNZ +
-api registry, gateway +
-
-session management and logout +
-provisioning, deprovisioning +
-messaging and api integration with connected apps & services, app integration generally +
+multiple AuthN sources and services, (local SSO, social, federated, protocol gateways)
+password and MFA management
+
+access policy management (coarse and fine grained)
+access mgmt admin (distributable)
+request/approval processes
+access to services
+lifecycle transitions definition, admin, and automation
+service accounts
+apps, services as credentialed agents for invoking other services, apis
+
+api specification, design, documentation, style guidelines
+api access to all IAM functionality
+api authNZ
+api registry, gateway
+
+session management and logout
+provisioning, deprovisioning
+messaging and api integration with connected apps & services, app integration generally
 batch reconciliation, 
-near real time sync between registry and connected systems +
-auditing, logging, reporting, attestation, compliance support +
-service provider onboarding and configuration +
+near real time sync between registry and connected systems
+auditing, logging, reporting, attestation, compliance support
+service provider onboarding and configuration
 
+directory services
+IAM data dictionary
+identity and entitlement data access
 
 - - -
 
 *Data Management*
 
-directory services +
-IAM data dictionary +
-identity and entitlement data access +
+directory services
+IAM data dictionary
+identity and entitlement data access
 
 
 - - -
 
 *Deployment Models*
 
-on-prem, cloud, hybrid, hosted +
+on-prem, cloud, hybrid, hosted
 
 
 - - -