Background study of Identity and Access Management (IAM)

This chapter recounts an overview of the project, with the aim and objectives. It presents a summary of the project investigation report as well as an overall structure of the entire report.  In today’s ever-evolving business environment, businesses have become global, highly interconnected, and completely dependent on the internet, and with this, the probability of organizations becoming victims of data breaches or various cyber-attacks and threats is increasingly high.  As the use of the Internet increases, the number of users who use the Internet and access the information using the Internet within or outside the organization also increases, hence the implementation of Identity and Access Management (IAM). This has made IAM an important area of technology. The concept of IAM is simply the process of managing who has access to a piece of information and what information.  The key activities involved in IAM include creating identities for users and systems. Identity and Access Management (IAM) holds a crucial foundation for business benefits in terms of saving cost, management control, productivity in the operation of a business, and most especially, improving business growth for e-commerce purposes (Mayuri & Sridevi, 2017).

However, given the growing demands for data and information, IAM technology is confronted by increasingly diversified threats and attacks. With this situation, security has become particularly essential because of the issues of attacks on IAM. Deciding who should get access to whatever information is a matter of difficulty for many organizations and businesses which leaves vulnerabilities in their system. As of now, businesses and corporate companies of various sizes are beginning to utilize and understand the need for implementing an IAM framework. Over the years, business leaders and more especially the IT department in several organizations have been placed under increased regulatory and organizational pressure to make sure that corporate resources are protected by way of controlling access to corporate resources and tracking user privileges (Phil & Gittlen, 2020). As a result of this, corporate businesses can no longer rely on manual and error-prone processes to assign and track user access to resources hence the adoption of IAM. IAM helps automate access control and auditing of corporate resources (Phil & Gittlen, 2020). While the implementation of IAM systems has provided organizations with the appropriate level of security through the use of policies, authentication, validation, and privileges within and outside organizations, the emergence of innovative and sophisticated threats and attacks in recent times has sparked up concerns that question the efficiency of IAM in terms of security. Thus, the risk of attacks posed on IAM is significantly higher than before.

This implies that the implementation of IAM alone is not enough, therefore, proper IAM implementation is necessary to tackle security challenges. Proper IAM implementation, however, requires more than just human work and that is why many organizations are turning to Artificial Intelligence (AI) and Machine Learning (ML) to help implement a proper and well-secured IAM. Utilizing AI and  ML capabilities enhances the efficiency of IAM. This project focuses on implementing a Machine Learning algorithm with IAM to help detect IAM attacks.