Identity Access Management

Edit online

IBM Verify Identity Access Digital Credentials are used for authentication and authorization for accessing online resources.

Figure 1. Identity and Access Management Strength
iam-process-strength
Important:

Depending on the level of certainty required by business policies of the verifier, several questions must be addressed:

  1. Has the user gained access to the device by using secure biometrics?

  2. Has the user gained access to the application that contains the security artifacts (keys, tokens) by using secure biometrics?

  3. Has the user provided evidence that the device is a known and registered device?

  4. Can the user demonstrate that the credentials being presented were properly acquired?

  5. Can the user present verifiable credentials in accordance with a policy-based request that is made by the verifier?

Questions 1, 2,5 are managed by VC solutions.

Question 3 is typically a requirement for enterprises, with each implementation varying by organization.

Question 4 is a capability that is supported by VC solutions, though it is not fully investigated yet.