Supporting Compliant and Secure User Handling - A Structured Approach for In-House Identity Management

Fuchs, Ludwig; Pernul, Günther

doi:10.1109/ares.2007.145

Cited by 18 publications

(20 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[5,9]), as well as their underlying access control models has been carried out [10]. However, while the importance of IAM policies in general [5] and of organizational policies in particular [11] has been acknowledged, hardly any work specifically considers the challenge of policy detection and management in large and complex environments.…”

Section: Related Workmentioning

confidence: 99%

“…This includes modules for user management, access management, data handling and synchronization, or user provisioning [5,9]. User management is concerned with managing the identity lifecycle, whereas access management provides functionality to authenticate and authorize users.…”

Section: Functionalitiesmentioning

confidence: 99%

“…In general, typical IAM systems are built on three pillars: processes, technologies and policies [5]. Core identity lifecycle processes like user (de)provisioning or access privilege management are implemented using available automation technologies.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Adaptive identity and access management—contextual data based policies

Hummer

Kunz

Netter³

et al. 2016

EURASIP J. on Info. Security

Self Cite

View full text Add to dashboard Cite

Due to compliance and IT security requirements, company-wide identity and access management within organizations has gained significant importance in research and practice over the last years. Companies aim at standardizing user management policies in order to reduce administrative overhead and strengthen IT security. These policies provide the foundation for every identity and access management system no matter if poured into IT systems or only located within responsible identity and access management (IAM) engineers' mind. Despite its relevance, hardly any supportive means for the automated detection and refinement as well as management of policies are available. As a result, policies outdate over time, leading to security vulnerabilities and inefficiencies. Existing research mainly focuses on policy detection and enforcement without providing the required guidance for policy management nor necessary instruments to enable policy adaptibility for today's dynamic IAM. This paper closes the existing gap by proposing a dynamic policy management process which structures the activities required for policy management in identity and access management environments. In contrast to current approaches, it utilizes the consideration of contextual user management data and key performance indicators for policy detection and refinement and offers result visualization techniques that foster human understanding. In order to underline its applicability, this paper provides an evaluation based on real-life data from a large industrial company.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Functionalitiesmentioning

confidence: 99%

See 1 more Smart Citation

Adaptive identity and access management—contextual data based policies

Hummer

Kunz

Netter³

et al. 2016

EURASIP J. on Info. Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…It deals with the storage, administration, and usage of digital identities during their lifecycle. The aforementioned identity chaos needs to be faced by implementing a centralised IdMI as shown in [7]. Its main building blocks are a Directory Service, User Management, Access Management, and an Auditing Module.…”

Section: In-house Identity Managementmentioning

confidence: 99%

“…Roles are seen as means to meet compliance demands in general. Yet, implementing a technical IdMI as presented in [7] is only the starting point for getting compliant. IdM is not able to take business needs into consideration on a purely technical level.…”

Section: Introductionmentioning

confidence: 99%

BusiROLE: A Model for Integrating Business Roles into Identity Management

Fuchs

Preis

Trust, Privacy and Security in Digital Business

Self Cite

View full text Add to dashboard Cite

Abstract. The complexity of modern organisations' IT landscapes has grown dramatically over the last decades. Many enterprises initiate role projects in order to reorganise their access structures based on an organisation-wide Identity Management Infrastructure (IdMI). This paper surveys role models and related literature and identifies different role properties. It shows that current role models are not feasible for their usage in IdMIs. By implementing one single type of role they fail to take business requirements and different role perceptions into account. This paper improves the current situation by developing busiROLE, a role model that integrates various types of roles, fulfilling business-as well as IT requirements, and is hence usable in IdMIs.

show abstract

Contributing to Current Challenges in Identity and Access Management with Visual Analytics

Puchta¹,

Böhm

Pernul

2019

Data and Applications Security and Privacy XXXIII

View full text Add to dashboard Cite

Enterprises have embraced identity and access management (IAM) systems as central point to manage digital identities and to grant or remove access to information. However, as IAM systems continue to grow, technical and organizational challenges arise. Domain experts have an incomparable amount of knowledge about an organization's specific settings and issues. Thus, especially for organizational IAM challenges to be solved, leveraging the knowledge of internal and external experts is a promising path. Applying Visual Analytics (VA) as an interactive tool set to utilize the expert knowledge can help to solve upcoming challenges. Within this work, the central IAM challenges with need for expert integration are identified by conducting a literature review of academic publications and analyzing the practitioners' point of view. Based on this, we propose an architecture for combining IAM and VA. A prototypical implementation of this architecture showcases the increased understanding and ways of solving the identified IAM challenges.

show abstract

Supporting Compliant and Secure User Handling - A Structured Approach for In-House Identity Management

Cited by 18 publications

References 7 publications

Adaptive identity and access management—contextual data based policies

Adaptive identity and access management—contextual data based policies

BusiROLE: A Model for Integrating Business Roles into Identity Management

Contributing to Current Challenges in Identity and Access Management with Visual Analytics

Contact Info

Product

Resources

About