- Each System of Record (SoR) manages a specific set of entities and attributes.
- Each SoR must have an associated entity change log or change event stream.
- An IAM-system-assigned ID must permit the determination of the IDs of that entity in each SoR that holds it.
- A number of SoR attributes represent properties of the entity itself (identity attributes).
- Other SoR attributes factor into authorization and access decisions related to that entity.
- Access policies come from rules over authorization-relevant attributes.
- All current identity and authorization-relevant attribute values must be held in a repository.
- The current entity attribute values repository must support fast, ad hoc queries.
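A minimal sketch of how these principles fit together, added here as an example and not part of the original gist: change events from two SoRs are folded into a current-values repository keyed by the IAM-assigned ID, and an access rule is evaluated over that repository. The SoR names (`hr`, `badge`), IDs, attributes and the `may_enter_lab` rule are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data; SoR names, IDs and attributes are hypothetical.
ID_MAP = {  # IAM-assigned ID -> the entity's own ID in each SoR that holds it
    "iam-001": {"hr": "E1001", "badge": "B-77"},
    "iam-002": {"hr": "E1002"},
}
SOR_ATTRS = {  # the specific attribute set each SoR manages
    "hr": {"display_name", "employment_status", "department"},
    "badge": {"badge_active"},
}
EVENTS = [  # merged change event stream, oldest first
    {"sor": "hr", "sor_id": "E1001", "attr": "display_name", "value": "Ada Example"},
    {"sor": "hr", "sor_id": "E1001", "attr": "employment_status", "value": "active"},
    {"sor": "hr", "sor_id": "E1001", "attr": "department", "value": "research"},
    {"sor": "badge", "sor_id": "B-77", "attr": "badge_active", "value": True},
    {"sor": "hr", "sor_id": "E1002", "attr": "employment_status", "value": "active"},
    {"sor": "hr", "sor_id": "E1002", "attr": "department", "value": "research"},
    {"sor": "badge", "sor_id": "B-77", "attr": "department", "value": "finance"},
    {"sor": "hr", "sor_id": "E1001", "attr": "employment_status", "value": "terminated"},
]

def apply_events(events, id_map=ID_MAP, sor_attrs=SOR_ATTRS):
    """Fold change events into a current-values repository keyed by IAM ID."""
    reverse = {(sor, sid): iam for iam, ids in id_map.items()
               for sor, sid in ids.items()}
    repo, rejected = defaultdict(dict), []
    for ev in events:
        iam_id = reverse.get((ev["sor"], ev["sor_id"]))
        # Drop events for unmapped entities or attributes the SoR does not manage.
        if iam_id is None or ev["attr"] not in sor_attrs.get(ev["sor"], ()):
            rejected.append(ev)
            continue
        repo[iam_id][ev["attr"]] = ev["value"]
    return dict(repo), rejected

def may_enter_lab(attrs):
    """Access policy as a rule over authorization-relevant attributes only."""
    return (attrs.get("employment_status") == "active"
            and attrs.get("department") == "research"
            and attrs.get("badge_active") is True)

def query(repo, **where):
    """Ad hoc query: IAM IDs whose current values match every given attribute."""
    return sorted(iam for iam, attrs in repo.items()
                  if all(attrs.get(k) == v for k, v in where.items()))

if __name__ == "__main__":
    repo, rejected = apply_events(EVENTS)
    print(query(repo, department="research"), may_enter_lab(repo["iam-001"]), rejected)
```

The `badge` event that tries to set `department` is rejected because that SoR does not manage the attribute, and the final `hr` termination event flips the access decision for `iam-001` without any change to the rule.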
Last active
February 6, 2020 00:17