Title :
Different Approaches to In-House Identity Management - Justification of an Assumption
Author :
Fuchs, L. ; Broser, C. ; Pernul, G.
Author_Institution :
Dept. of Inf. Syst., Univ. of Regensburg, Regensburg
Abstract :
The use of roles in identity management infrastructures (IdMI) has proven to be a solution for reorganising and securing access structures of employees. The definition of enterprise-wide roles is one of the most challenging and costly tasks during role development projects. It needs to be carried out on the basis of a predefined role development methodology (RDM). In this paper we present existing methodologies and show their respective pros and cons. Lately some researchers have informally stated that hybrid role development is the most promising way to define roles, however, there hasnpsilat been given a well-defined justification for this decision. The main contribution of this paper is hence the deduction of evaluation criteria based on information gathered from literature, practical experiences, and shortcomings of existing role development approaches. The evaluation criteria form the basis for a comparison framework verifying the assumption that hybrid RDMs are superior to role engineering and role mining methodologies.
Keywords :
business data processing; data mining; security of data; access structures; enterprise-wide roles; evaluation criteria; identity management infrastructures; in-house identity management; predefined role development methodology; role engineering; role mining; Access control; Availability; Chaos; Companies; Conference management; Identity management systems; Information systems; Permission; Resource management; Security; Identity Management; Information Security; Role Development; Role Engineering; Role Mining;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.154
