What is the IdAM Portfolio?

The DoD IdAM Portfolio provides digital identity, authentication, and authorization capabilities and services for the DoD Enterprise. The diagram below provides a visual representation of the capabilities and services offered by the IdAM Portfolio. Details of each capability and service may be found under the IdAM Portfolio section of this site.

The IdAM portfolio is divided into three fundamental capabilities: Manage Digital Identities, Authenticate Users, and Authorize Access to Resources. The services provided to Manage Digital Identities include the Enterprise Identity Attribute Service (EIAS) and Enterprise Directory Services (EDS). The services provided to Authenticate Users include the Public Key Infrastructure (PKI), Public Key Enabling (PKE), DoD Visitor, the Authentication Gateway Service (AGS), and the Global Directory Service (GDS). The services provided to Authorize Access to Resources include Attribute Based Access Control (ABAC) and Account Provisioning.

These capabilities and services provide CC/S/As with tools to manage users and safeguard IT resources. The representative architecture below depicts how the IdAM Portfolio capabilities and services provide a holistic set of IdAM functionality for DoD Enterprise and CC/S/A applications.