Identity & Access Management (IAM)

8 Terms

SAML (Security Assertion Markup Language)

An open, XML-based standard for exchanging authentication and authorization data between parties, specifically between an Identity Provider (IdP) and a Service Provider (SP). It is the backbone of most Web-based Single Sign-On (SSO) solutions.

EAP (Extensible Authentication Protocol)

An architectural framework—not a specific protocol—that supports multiple different methods for authentication. It provides the "structure" for negotiating how a user will prove their identity, commonly used in wireless networks.

PEAP (Protected Extensible Authentication Protocol)

A secure version of the EAP framework that encapsulates the authentication traffic inside an encrypted TLS tunnel. This ensures that user credentials cannot be sniffed or stolen during the handshake process.

OTP (One-Time Password)

A password that is valid for only one login session or transaction. It provides a second layer of security because it cannot be reused by an attacker if stolen later.

Zero Trust

A security paradigm that assumes no user, device, or system is trustworthy, regardless of whether they are inside or outside the corporate network. Every access request is fully authenticated, authorized, and encrypted before granting access.

Implicit Trust Zones

A traditional (and now considered risky) network concept where entities are trusted by default simply because they are located "inside" the perimeter firewall. Zero Trust aims to eliminate these.

Adaptive Identity

A smart authentication method that evaluates context and risk factors—such as location, time of day, device health, and user behavior—to decide if a user should be granted access or challenged with extra verification.

Password Policy

A set of rules designed to enhance computer security by encouraging users to employ strong credentials and use them properly.

Common settings include complexity, history, age, and lockouts.