Different Approaches to In-House Identity Management - Justification of an Assumption

Fuchs, Ludwig; Broser, Christian; Pernul, Günther

doi:10.1109/ares.2009.154

Cited by 6 publications

(5 citation statements)

References 32 publications

(53 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…They are not designed for classical inhouse identity management environments where employees with a defined task range are managed (cmp. Fuchs and Pernul (2007); Fuchs et al (2009)), but aim to mitigate risk when little user information is available.…”

Section: Increase Grade Of Automationmentioning

confidence: 99%

“…application systems that manage individual user accounts and permissions for their own application context) (Fuchs and Pernul, 2007). While having an integrated data view on the identity management infrastructure is a common prerequisite for IAM measures, the creation of such a view requires significant effort and should therefore not be neglected (Fuchs et al, 2009).…”

Section: Data Availabilitymentioning

confidence: 99%

See 1 more Smart Citation

Optimization of Access Control Policies

Kern¹,

Baumer²,

Groll³

et al. 2022

Journal of Information Security and Applications

View full text Add to dashboard Cite

Section: Increase Grade Of Automationmentioning

confidence: 99%

Section: Data Availabilitymentioning

confidence: 99%

Optimization of Access Control Policies

Kern¹,

Baumer²,

Groll³

et al. 2022

Journal of Information Security and Applications

View full text Add to dashboard Cite

“…In diesem Zusammenhang wird häufig auch von föderierten IdMAnsätzen (vgl. Fuchs et al 2009) gesprochen, bei denen sich die Benutzer sicher und komfortabel bei einem zentralen Identitätsverwalter authentifizieren können. Voraussetzung für diese Form des IdM ist ein gegenseitiges Vertrauen der beteiligten Partner innerhalb der Cloud.…”

Section: Identity Management Im Kontext Von Cloud Computingunclassified

Sicherheitsherausforderungen in hochverteilten Systemen

Meer

Diener

Herkenhöner

et al. 2013

PIK - Praxis Der Informationsverarbeitung Und Kommunikation

View full text Add to dashboard Cite

“…Similar to approaches used for the cleansing of static access privilege assignments, for example presented in [31,32], the DPMP requires human expert interaction after the detection of potentially reasonable policies. In case the system suggests an unreasonable large number of new policies potentially including a high rate of false-positives (detected policy suggestions which are discarded after human review), it would add an additional burden rather than create value for an organization.…”

Section: Policy Mining Settingsmentioning

confidence: 99%

“…Semantic analysis [31,32] introduce a classification for every assignment based on the examination in context of other entities within the given scope. A simple example would be if only one employee within the "development" department owns the entitlement "access marketing share".…”

Section: Security Policymentioning

confidence: 99%

Adaptive identity and access management—contextual data based policies

Hummer

Kunz

Netter³

et al. 2016

EURASIP J. on Info. Security

View full text Add to dashboard Cite

Due to compliance and IT security requirements, company-wide identity and access management within organizations has gained significant importance in research and practice over the last years. Companies aim at standardizing user management policies in order to reduce administrative overhead and strengthen IT security. These policies provide the foundation for every identity and access management system no matter if poured into IT systems or only located within responsible identity and access management (IAM) engineers' mind. Despite its relevance, hardly any supportive means for the automated detection and refinement as well as management of policies are available. As a result, policies outdate over time, leading to security vulnerabilities and inefficiencies. Existing research mainly focuses on policy detection and enforcement without providing the required guidance for policy management nor necessary instruments to enable policy adaptibility for today's dynamic IAM. This paper closes the existing gap by proposing a dynamic policy management process which structures the activities required for policy management in identity and access management environments. In contrast to current approaches, it utilizes the consideration of contextual user management data and key performance indicators for policy detection and refinement and offers result visualization techniques that foster human understanding. In order to underline its applicability, this paper provides an evaluation based on real-life data from a large industrial company.

show abstract

Different Approaches to In-House Identity Management - Justification of an Assumption

Cited by 6 publications

References 32 publications

Optimization of Access Control Policies

Optimization of Access Control Policies

Sicherheitsherausforderungen in hochverteilten Systemen

Adaptive identity and access management—contextual data based policies

Contact Info

Product

Resources

About