Identity-based security


Identity-based security is an approach to control access to a digital product or service based on the authenticated identity of an individual. This allows organizations to grant access to specific users to a variety of digital services using the same credentials, ensuring the accurate match between what users are entitled to and what they actually receive, while also permitting other access constraints such as company, device, location and application type. Underpinning the identity-based security approach is the identity-based access control concept.
NIST defines identity-based security policies as policies "based on the identities and/or attributes of the object being accessed and of the subject requesting access."
Some of the advantages of the identity-based security approach include the ability to exercise very fine-grained control over who is allowed to use which services and which functions those users can perform, and that it is device-agnostic, offering the possibility to enforce access control policy across a variety of devices, such as smartphones, tablets, and PCs.