The following provides an overview of the functionality of the Identity Authority Manager (IdAM).
The Identity Authority Manager industrial-grade hardware appliance enables the integration of identity issuing workflows in industrial environments such as production facilities, building management systems, and plant construction. IdAM provides an out-of-the-box solution to adapt the issuing and management of digital device identities in industrial installations.
The Identity Authority Manager allows you to:
- Integrate certificate issuing processes in line with your issuing policy.
- Integrate personalization processes with your devices at different stages of production.
- Analyze and validate incoming device data to ensure its authenticity.
- Build workflows based on personalization issuing events.
- Pre-configure CA Services, see CA Management.
- Enable use case-specific protocols and workflows using customizable rule chains and adapter frameworks.
Issuing Device Certificates
To demonstrate the concepts of the Identity Authority Manager in a real-life scenario, we provide a step-by-step guide that describes how the IdAM is integrated into different kinds of application scenarios; see How to Issue Device Certificates.
Entities and Relations
IdAM provides a user interface to provision and manage multiple entity types and their relations in your identity issuing process. The following entities are supported:
- Tenants: A tenant is an individual or an organization that owns or produces devices. A tenant may have multiple tenant administrator users and operators.
- Operator: An operator is an individual or an organization that works with the devices.
- Adapter: Adapters are the basic device and service entities that may produce incoming personalization requests and manage the interaction with the service. Examples are the Device Adapter and the CA Service.
- Dashboards: Provide visualization of your workflow processes and the ability to control particular service statuses through the user interface.
- CA Profile: CA Service entity that can be accessed within a rule chain via corresponding rule nodes.
- Rule Node: Processing units for incoming messages and events.
- Rule Chain: A logic unit of related Rule Nodes.
For more information on Rule Chains and Rule Nodes, see Rule Engine Concepts.