Fuchs, Ludwig and Pernul, Guenther (2012) Minimizing insider misuse through secure Identity Management. SECURITY AND COMMUNICATION NETWORKS, 5 (8). pp. 847-862. ISSN 1939-0114, 1939-0122
Full text not available from this repository. (Request a copy)Abstract
To avoid insider computer misuse, identity, and authorization data referring to the legitimate users of systems must be properly organized, constantly and systematically analyzed, and evaluated. In order to support this, structured and secure Identity Management is required. A comprehensive methodology supporting Identity Management within organizations has been developed, including gathering of identity data spread among different applications, systematic cleansing of user account data in order to detect semantic as well as syntactic errors, grouping of privileges and access rights, and semiautomatic engineering of user roles. The focus of this paper is on the cleansing of identity and account data leading to feedback where insider misuse due to existing privileges which go beyond the scope of the users' current need-to-know may occur. The paper in detail presents used data cleansing mechanisms and underlines their applicability in two real-world case studies. Copyright (C) 2011 John Wiley & Sons, Ltd.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | ; insider misuse; Identity Management; user account data; quality of identity data; role-based access control |
| Subjects: | 000 Computer science, information & general works > 004 Computer science |
| Divisions: | Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) |
| Depositing User: | Dr. Gernot Deinzer |
| Date Deposited: | 11 May 2020 08:27 |
| Last Modified: | 11 May 2020 08:27 |
| URI: | https://pred.uni-regensburg.de/id/eprint/18393 |
Actions (login required)
 |
View Item |
