| Download ( PDF | 845kB) |
Minimizing insider misuse through secure Identity Management
Fuchs, Ludwig and Pernul, Günther (2012) Minimizing insider misuse through secure Identity Management. Security and Communication Networks 5 (8), pp. 847-862.Date of publication of this fulltext: 01 Aug 2012 07:48
Article
DOI to cite this document: 10.5283/epub.25548
Abstract
To avoid insider computer misuse, identity, and authorization data referring to the legitimate users of systems must be properly organized, constantly and systematically analyzed, and evaluated. In order to support this, structured and secure Identity Management is required. A comprehensive methodology supporting Identity Management within organizations has been developed, including gathering of ...
To avoid insider computer misuse, identity, and authorization data referring to the legitimate users of systems must be properly organized, constantly and systematically analyzed, and evaluated. In order to support this, structured and secure Identity Management is required. A comprehensive methodology supporting Identity Management within organizations has been developed, including gathering of identity data spread among different applications, systematic cleansing of user account data in order to detect semantic as well as syntactic errors, grouping of privileges and access rights, and semiautomatic engineering of user roles. The focus of this paper is on the cleansing of identity and account data leading to feedback where insider misuse due to existing privileges which go beyond the scope of the users' current need-to-know may occur. The paper in detail presents used data cleansing mechanisms and underlines their applicability in two real-world case studies.
Alternative links to fulltext
Involved Institutions
Details
| Item type | Article | ||||
| Journal or Publication Title | Security and Communication Networks | ||||
| Publisher: | John Wiley & Sons, Ltd. | ||||
|---|---|---|---|---|---|
| Volume: | 5 | ||||
| Number of Issue or Book Chapter: | 8 | ||||
| Page Range: | pp. 847-862 | ||||
| Date | August 2012 | ||||
| Additional Information (public) | Article first published online: 25 FEB 2011 | ||||
| Institutions | Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) Informatics and Data Science > Department Information Systems > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) | ||||
| Identification Number |
| ||||
| Related URLs |
| ||||
| Dewey Decimal Classification | 000 Computer science, information & general works > 004 Computer science | ||||
| Status | Published | ||||
| Refereed | Yes, this version has been refereed | ||||
| Created at the University of Regensburg | Yes | ||||
| URN of the UB Regensburg | urn:nbn:de:bvb:355-epub-255482 | ||||
| Item ID | 25548 |
Export bibliographical data
Owner only: item control page
Download Statistics
Download Statistics