Minimizing insider misuse through secure Identity Management

Authors:
Ludwig Fuchs;Günther Pernul
Affiliations:
Nexis GmbH, Prüfeninger Str. 94a, D-93049 Regensburg, Germany and Department of Information Systems, University of Regensburg, Universitätsstraße 31, D-93053 Regensburg, Germa ...;Department of Information Systems, University of Regensburg, Universitätsstraße 31, D-93053 Regensburg, Germany
Venue:
Security and Communication Networks
Year:
2012

Citing 9
Cited 0

Role-Based Access Control Models

Computer
Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management

Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management
An Approach to Extract RBAC Models from BPEL4WS Processes

WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Class noise vs. attribute noise: a quantitative study of their impacts

Artificial Intelligence Review
Role-Based Access Control, Second Edition

Role-Based Access Control, Second Edition
Handbook of Information Security, Information Warfare, Social, Legal, and International Issues and Security Foundations (Handbook of Information Security)

Handbook of Information Security, Information Warfare, Social, Legal, and International Issues and Security Foundations (Handbook of Information Security)
Mining roles with semantic meanings

Proceedings of the 13th ACM symposium on Access control models and technologies
HyDRo --- Hybrid Development of Roles

ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Oracle Identity Management: Governance, Risk, and Compliance Architecture, Third Edition

Oracle Identity Management: Governance, Risk, and Compliance Architecture, Third Edition

Quantified Score

Hi-index	0.00

Visualization

Abstract

To avoid insider computer misuse, identity, and authorization data referring to the legitimate users of systems must be properly organized, constantly and systematically analyzed, and evaluated. In order to support this, structured and secure Identity Management is required. A comprehensive methodology supporting Identity Management within organizations has been developed, including gathering of identity data spread among different applications, systematic cleansing of user account data in order to detect semantic as well as syntactic errors, grouping of privileges and access rights, and semiautomatic engineering of user roles. The focus of this paper is on the cleansing of identity and account data leading to feedback where insider misuse due to existing privileges which go beyond the scope of the users' current need-to-know may occur. The paper in detail presents used data cleansing mechanisms and underlines their applicability in two real-world case studies. Copyright © 2011 John Wiley & Sons, Ltd.