Glossary
P
Business Partner Federation, also known as the B2B federation, establishes a trust relationship between two entities - the Service Provider (SP) and Identity Provider (IDP) using SAML tokens. Partner federation allows organizations to set up one-click access to their applications for partner employees. With B2B federation enabled, partners can easily access secured applications according to their own policies and processes.
Privileged access management (PAM) is a collection of processes and technologies focused on managing, monitoring, and protecting privileged user accounts, such as root or service accounts, within the IT infrastructure of an enterprise.
A privileged user account is an account that has more privileges than standard users. Privileged accounts might, for example, be able to install or remove software, add and remove users, or modify system or application configurations.
The process of granting access to data repositories, networks, applications, and databases based on unique user identity. For example, a new employee can be granted access to network shares and applications based on the user's role within the organization.
Phishing is the fraudulent attempt to obtain sensitive information such as access credentials, credit card details, and personally identifiable information, using deceptive emails and websites.
Policy-based access control, also known as Attribute-based Access Control (ABAC), is a strategy for managing user access to one or more systems, where the business roles of users are combined with policies to determine what access privileges users of each role should have. For example, every role within an organization can be defined as a collection of permissions and restrictions. An organization can then create a policy that allows employees to access objects and execute operations only if their role in the system has the relevant permissions.
Passwordless Authentication refers to a concept of user authentication by means other than a password. For example, users can enter their mobile phone number or email address and receive a one-time code or link, which they can then use to log in. Common types of passwordless authentication include email-based, SMS-based, multi-factor, biometrics, or passwordless authentication for logged-in users.