Domain 5: Identity and Access Management

Access Control System - to ensure that access to assets is authorized and restricted based on business and security requirements related to logical and physical systems.

Access control tokens - The system decides if access is to be granted or denied based upon the validity of the token for the point where it is read based on time, date, day, holiday, or other condition used for controlling validation.

Accountability - ensures that account management has assurance that only authorized users are accessing the system and using it properly.

Authorization – The process of defining the specific resources a user needs and determining the type of access to those resources the user may have.

Single factor authentication – Uses only one of the three available authentication factors to carry out the requested authentication.

Multi-factor authentication - Ensures that a user is who they claim to be. The more factors used to determine a person's identity, the greater the trust of authenticity.

Attribute-based access control (ABAC) - This is an access control paradigm whereby access rights are granted to users with policies that combine attributes together.

Rule-based access control (RBAC) - An access control model that is based on a list of predefined rules that determine what accesses should be granted.

Discretionary access control (DAC) – The system owner decides who gets access.

Mandatory Access Controls (MACs) - Access control that requires the system itself to manage access controls in accordance with the organization's security policies.

False Rejection Rate (Type I) - The rate at which the system fails to recognize a legitimate user.

False Acceptance Rate (Type II) - The rate of erroneous recognition, either by confusing one user with another or by accepting an imposter as a legitimate user.

Crossover Error Rate (CER) - The point at which the Type I and Type II error rates are equal.

Open Authorization (OAuth) - The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

Physical access control system - An automated system that manages the passage of people or assets through openings in a secure perimeter based on a set of authorization rules.

Identity as a Service (IDaaS) - Cloud-based services that broker identity and access management functions to target systems on customers' premises and/or in the cloud.

Security Assertion Markup Language 2.0 (SAML 2.0) – A version of the SAML OASIS standard for exchanging authentication and authorization data between security domains.