Fuchs and Pernul, 2007

Supporting Compliant and Secure User Handling - A Structured Approach for In-House Identity Management

Type

Article

Year

2007

Authors

Fuchs, L., Pernul, G.

Identifiers

  • Print ISBN:0-7695-2775-2

  • INSPEC Accession Number: 9465255

  • DOI: 10.1109/ARES.2007.145

Publication

The Second International Conference on Availability, Reliability and Security (ARES'07)

Pages

374-384

Abstract

The catchword “compliance” dominates the actual debate about Identity Management and information security like few before. Companies need to comply with a variety of internal and external standards and regulations like the US SOX act. Identity Management is seen as a main provider of compliance in modern companies. However, its organisational aspects are underestimated in many projects, lacking a comprehensive approach to introduce in-house Identity Management. This work is based on the experiences gained from industry projects using Identity Management functionalities to strengthen security and to reach a high level of compliance. We develop a structured process-oriented methodology for introducing an Identity Management Infrastructure for organisations using drivers from IT security management to evaluate, rank, and implement subprojects. The methodology consists of an iterative process which enables even large and unstructured organisations to reach a suitable and profitable level of Identity Management by emphasising on organisational aspects rather than taking a merely technical approach.

(, p. 1)

Links

Citation

Fuchs, L., Pernul, G., 2007. Supporting Compliant and Secure User Handling - A Structured Approach for In-House Identity Management, in: The Second International Conference on Availability, Reliability and Security (ARES’07). Presented at the The Second International Conference on Availability, Reliability and Security (ARES’07), IEEE, Vienna, Austria, pp. 374–384. https://doi.org/10/bv8s6t


Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.


This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.