Abstract

Organizations comprehend the risks of processing information with technology better, because of
experience or because they are obligated to assess risk by law or regulation. One of the oldest and
most basic measure for protecting the confidentiality and integrity of information is the control of
access to data and functionality. Although access control is a very old principle, today it’s still one of
the largest challenges of securing information processing.

In this research, it becomes clear why the simple principle of controlling access to information and
functionality is very complex to implement and manage in larger organizations. With this research I
tried to gain insight in how IT Governance, people, permission and technology are related together
in reducing risks to an acceptable level by using access control.

Links

• https://repository.tudelft.nl/islandora/object/uuid:47e228e5-645e-497c-a5e2-ec3b4df5e299/datastream/OBJ/download

Citation

Koelewijn, G., 2009. Identity & Access Management - Get in control: IT Governance, people, permission and technical challenges (Master Thesis). TUDelft.