Glossary

In computer science, access refers to the permission a user has to get to, and sometimes manage, information stored in a memory or information system.

Access control matrix refers to the document or tool used to list the rights of all users across various information systems.

Access rights are all the specific permissions associated with a user account (or profile).

These grouped permissions can be synthesised through roles such as reader, editor, moderator, or administrator following the logic of hierarchy of privileges.

A user account refers to a set of information linked to a user to access various computer systems or tools.

Contrary to the user profile, which is visible to a majority of roles, the account holds exhaustive information on parameters, preferences, and access rights.

Administrator is the highest user role in the hierarchy of privileges. They grant all the rights to create, delete, and edit tool settings or users.

Is a process through which a computer system checks the legitimacy of an access request made by an entity in order to authorize or deny it.

A Best of Breeds refers to the best tool amongst an entire category.

For example, you can think of Slack as the Best of Breed for professional messaging solutions.

Deprovisioning refers to the automatic withdrawal of resources.
In the case of Identity and Access Management, deprovisioning involves the removal of tools from users, as well as the automation of temporal information (example: date of departure from the company coinciding with the removal of the user from the database from the system).

The General Data Protection Regulation is a EU regulation made in 2016 to set guidelines on personal data processing with the European Union.

Access governance refers to the internal policy put in place by a structure to regulate the use and access to resources by users.

Derived from the verb to hack. Today, a hacker refers to a cyberattacker in a broad sense, in all attempts to break in systems or scam online.

Hierarchy of privileges is a classification of the rights available to the various user profiles of an information system. It makes it possible to distinguish and allocate rights by users according to their needs.

An identity provider (IdP) is a system entity that is used to create, manage, and store digital identities. It enables access requests to be authenticated and issues tokens to supervise sessions.

Least privilege is a security principle that encourages granting a user minimum access and rights required to perform their work.

Also called multi-factor authentication, is an authentication process that requires two or more proofs of identity to authorise access.

The user profile refers to all the information associated to an account and visible to a large number of user roles.

Provisioning refers to the automatic allocation of resources.
When speaking about Identity and Access Management, provisioning is the assignment of tools to users, as well as the automation of temporal information (such as a date of arrival from the company used to trigger the creation of a user in the system database).

RBAC (Role-Based Access Control) is a policy for allocating accesses to an information system according to the principle of user roles.

SCIM stands for System for Cross-domain Identity Management, and is a protocol for standardising identity information exchanged between different entities.

The SSO (Single Sign-On) is an authentication process through which a user gets access to different applications during that one login session.

Shadow IT refers to practices and tools used by users without the approval of the IT department.

In cybersecurity, Zero Trust is a security principle according to which you should never assume anything and should always check the systems, settings, accesses, and other variable factors in the IT landscape.