Provisioning and Deprovisioning (Process - IAM)

Revocation

1.0 REady for peer review

IAM

• Compliance Assurance (IAM Goal) +++

• Information Security Resilience (IAM Goal) +++

• Establish Trust between Parties (IAM Goal) ++

• Process Automation (IAM Goal) ++

• Improved User Experience (IAM Goal) -

Obtain an adequate level of assurance that obsolete or invalid IAM artifacts (i.e. identities, principals, credentials, authorizations) are revoked in a timely manner to assure the validity of the authentication and authorization processes and thus protect the organization from identity or access abuse.

• Revocation triggers

  • Identity theft / compromise incidents

  • Leavers process

  • Movers process

  • Re-certification decisions

  • Revocation requests

  • System decommissioning

• Organization policies

• Warrant revocation triggers to avoid or mitigate business / technical disruptions

• Manually or automatically invalidate (e.g. by deactivation, cancellation or removal) IAM artifacts (i.e. identity, principal, credential, authorization) in compliance with and within the delays set by policies

• Implement and optimize account lockout policies

• Keep audit logs in compliance with policies

• Revocation Automation (Process - IAM)

• Forward revocation information to relying parties

• Revoked IAM artifacts (i.e. identities, principals, credentials, authorizations)

• Audit logs

• Mechanisms of revocation automation

• Enforced account lockout policies

• If applicable: Information forwarded to relying parties

See sub-processes listed under Activities.

At the level of an organization entity, program or project, the process scope may be defined using the scope dimensions listed below. But at the organization level, the scope must be embraced holistically to effectively manage revocation risks and consider all of these scope dimensions .

• User populations: permanent employees, contractors, partners, customers, consumers, authorities

• Identity categories: humans, robots, processes

• Principal categories: user accounts, technical accounts, service accounts

• Credential categories: passwords, certificates

• Access type: logical, physical (https://open-measure.atlassian.net/wiki/spaces/QUOT/pages/67568001)

• Security session mechanisms or not (account lockout policies)

• IT Systems (business applications, infrastructure, …)

• Organizational scope (region, division, unit, …)

• Leave invalid (e.g.: stolen, compromised, illegitimate, obsolete) IAM artifacts (i.e. identities, principals, credentials, authorizations) vulnerable to abuse

• Cause business / technical disruptions by unwarranted (unnecessary, illegitimate) revocations or revocations that did not properly manage organizational or technical dependencies

• Unreliable revocation automation leading to a false sense of security

• Uninformed relying parties that trust invalid IAM artifacts

• https://open-measure.atlassian.net/wiki/spaces/QUOT/pages/67600460

• https://open-measure.atlassian.net/wiki/spaces/QUOT/pages/67568855

• Sturrus, 2011

• Authentication

• Authorization (Dictionary Entry)

• Authorization Process

• Credential

• Identity

• Principal (Dictionary Entry)

• Identity Lifecycle (Dictionary Entry)

• Relying Party (Dictionary Entry)

• Revocation (Dictionary Entry)