Today, CISA released the Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture to help federal civilian departments and agencies integrate their identity and access management (IDAM) capabilities into their ICAM architectures. Prior to this release, there was no singular, authoritative, and recognized reference for architecting an ICAM capability across an enterprise.
This publication provides:
- a description of the federal ICAM practice area, including how ICAM services and components implement ICAM use cases,
- a description of related CDM capabilities,
- an introduction to federation services, and
- a high-level notional physical implementation.
In addition, it explores zero trust architecture and illustrates how ICAM and CDM help enable it.
CISA encourages federal departments and agencies to use this publication to create their most robust and effective ICAM capability. CISA’s Continuous Diagnostics and Mitigation Program web page offers additional resources.