As the identity management space heats up and increases in complexity, it is prudent to step back and define its various components. An identity server is a core part of any identity and access control infrastructure. It is the central database that stores user credentials. The identity server is the server that all IT resources check with to authenticate user access. At least that’s what should be occurring. The identity server is arguably the most critical part of the identity management infrastructure.
Getting to the Core of an Identity Server
An identity management infrastructure starts with the core user identities which are stored within a secure database. Those identities are then given privileges based on levels of access. Sometimes user access privileges are handled through a grouping mechanism within the user database, while other times they are granted individually on each IT resource. Privileges may also be granted through a combination of those techniques. When users attempt to access an IT resource, their logins are checked against the core identity server to determine whether or not they should gain access.The number of IT resources that an individual needs to access has grown dramatically in recent times. Consequently, there are portions of the identity management stack that focus on enabling users to securely access those IT resources without having to memorize numerous complex passwords. All of this is accomplished while still maintaining strong security thanks to the identity server.
Early Solutions Failed to Identify with the Cloud
Identity servers have been an important part of an IT infrastructure for the past two decades. As computers moved from individual use solutions to network interconnectivity, the identity server became an even more crucial part of the equation. IT organizations required a solution to manage this growing database of connections between users and the IT resources they needed to access. OpenLDAP emerged in the mid-1990s as an open source identity server solution. Microsoft introduced their commercial version called Active Directory (AD) in 1999. AD became the de facto standard over the next fifteen years. As the market diversified, networks shifted from being solely Windows based to being more heterogeneous, and these legacy on-premises solutions struggled. They simply couldn’t make the leap to the cloud era.
DaaS: The Distinctive Cloud-Based Identity Provider
A next generation identity server called Directory-as-a-Service is emerging. This platform is connecting users with the IT resources they need – devices, applications, and networks – regardless of where those resources are located, what platform they are on, or what protocol they leverage. Unlike in the past, this new generation of cloud-based identity provider permits organizations to use whatever types of IT resources they choose.
If you would like to learn more about how Directory-as-a-Service can serve as your cloud-based identity server, drop us a note. Or, feel free to give the cloud-based directory a try for yourself. Your first 10 users are free forever.