***Welcome to ashrafedu.blogspot.com * * * This website is maintained by ASHRAF***

Posts

    Latest Updates

    Monday, May 23, 2022

    Identity management and web services

    Identity management (IdM), ensures that only authorized people have access to the technology resources they need to perform their job functions.

    It includes polices and technologies that encompass an organization-wide process to properly identify, authenticate, and authorize people, groups of people, or software applications through attributes including user access rights and restrictions based on their identities.

    Identity management works hand-in-hand with identity and access management (IAM) systems. Identity management is focused on authentication, while access management is aimed at authorization.

    The main goal of identity management is to ensure only authenticated users are granted access to the specific applications, systems or IT environments for which they are authorized. This includes control over user provisioning and the process of onboarding new users such as employees, partners, clients and other stakeholders.

    Identity management also includes control over the process of authorizing system or network permissions for existing users and the offboarding of users who are no longer authorized to access organization systems.

    Identity management is an important part of the enterprise security plan, as it is linked to both the security and productivity of the organization.

    Using identity management, organizations can safeguard their corporate assets against many threats including hacking, ransomware, phishing and other malware attacks.

    Identity management systems add an additional layer of protection by ensuring user access policies and rules are applied consistently across an organization.

    Web services will be the easiest and most affordable way to integrate one or more PACS (physical access control system) to an IDMS, enabling enterprise-wide, policy-driven access management. While Web services technologies and standards are still evolving, most of the challenges that remain are in the realm of Internet-based services intended for widespread general use and business-to-business e-commerce.

    A Web services “wrapper” can be used as appropriate for the various access control system interface capabilities. (A wrapper is software code that changes an existing interface to an application without substantially increasing its functionality.)

    Implementation of an enterprise-wide identity management system

    The implementation of an enterprise-wide identity management system is of great interest to corporate security for several reasons.

    • An IDMS will close IT security gaps related to enrolling and terminating employees.

    • The deployment of an IDMS is typically accompanied by a role-based access control (RBAC) scheme for the information systems. Once roles are jointly defined by human resources and business managers, and once IT security privileges are assigned to the roles, security privileges can be automatically granted upon enrollment in the IDMS. Privileges are also automatically changed when an employee's position changes, and revoked automatically upon the employee's termination.

    • Physical security can leverage the HR enrollment of employees by integrating the physical access control system (PACS) with the IDMS, so that access control privileges are managed automatically along with IT privileges as HR enrolls, re-assigns and terminates employees.

    Using an IDMS as a common point of reference, physical and IT access control can be synchronized. And using role-based access control to establish privileges based upon job functions, both physical and IT access control can be policy-driven.

    No comments:

    Post a Comment

    Network session analysis

    Network session analysis Network session analysis is a method of monitoring network activity and availability to identify issues, such as ...