Identity & access management

Credit: Shutterstock

Identity and Access Management is a fundamental and critical cybersecurity capability. Simply put, with its focus on foundational and applied research and standards, NIST seeks to ensure the right people and things have the right access to the right resources at the right time.

To advance the state of identity and access management, NIST

• Conducts focused research to better understand new and emerging technologies, their impact on existing standards, and the implementation of identity and access management solutions;
• Leads in the development of national and international identity and access management standards, guidance, best practices, profiles, and frameworks to create an enhanced, interoperable suite of secure, privacy-enhancing solutions, including authentication and authorization within the Internet of Things (IoT);
• Evolves its identity and access management standards, guidelines and resources; and
• Produces example solutions that bring together the identity management and cybersecurity requirements needed to address specific business cybersecurity challenges.

Through this Identity and Access Management Resource Center, we seek to share our efforts that strengthen the security, privacy, usability and interoperability of solutions that meet an organization’s identity and access management needs throughout the system lifecycle.