AUTOMATING PERIODIC ROLE-CHECKS A TOOL-BASED APPROACH

Authors

Ludwig Fuchs, Universität Regensburg
Christian Müller, Universität Regensburg

Abstract

The use of roles in Identity Management has proven to be a solution for reorganising and securing the access structures of organisations. One critical challenge companies face after they implemented roles is the maintenance of the role system itself. This includes sophisticated duties like periodically verifying the valid roles. We argue that due to the high complexity, periodic rolechecks need to be automated. However, as a result of lacking theoretical foundation, no approaches to leverage the level automation have been published so far. In this work we develop a catalogue of use cases that affect the role definitions within an organisation. We propose checkROLE, a tool for automated role-checking on basis of the defined use case catalogue.

Recommended Citation

Fuchs, Ludwig and Müller, Christian, "AUTOMATING PERIODIC ROLE-CHECKS A TOOL-BASED APPROACH" (2009). Wirtschaftsinformatik Proceedings 2009. 75.
https://aisel.aisnet.org/wi2009/75