Access and Identity Management aka Entitlement & Role Management
Role engineering, identity analytics, authorization management are coming
Role life cycle management, identity auditing and authorization management
Questions:
Distributed vs Centralized Entitlement Management
Describe difference between row level security and entitlements
Do you see people 'de-provisioning' entitlements and/or roles
Entitlement auditing necessary vs role management and who is the audience (role governance group?)
Map entitlements to appropriate role leve – Do we, should we management the lowest level OR just the IT roles, not operation and resources
Assigning roles AND entitlements are seperate activities per Earl (Perkins)
identity analytics --> auditing (AND what where there entitlements 8 mos ago)
Policies --> Controls
Business Roles (Ent Roles) --> IT Roles (and rules) are comprised of Entitlements, operations, and resources
This is VERY similar to standard RBAC model
Users → Roles → Attributes (locations, etc) → Permissions → Operations → Resources
what is XACML and why is it important?
A common policy/service registry is a possibility (similar to directories)
The bottom line here is that there are a TON of solutions for each technology, CISCO for Networks, Oracle for Database, BEA for Web App Servers, IBM for WebSSO, etc
NO ONE VENDOR for ALL entitlements management
AND GOOD LUCK getting buy off from the software developers to implement entitlement in their SDLC
1 comment:
Today, while I was at work, my cousin stole my apple ipad and tested to see if it can survive a
30 foot drop, just so she can be a youtube sensation. My iPad is now destroyed and she has 83
views. I know this is entirely off topic but I had to share it with someone!
Here is my webpage Non-traditional financing source
Post a Comment