Direkt zum Inhalt
Universität Regensburg
DE : this page in English

Weishäupl, Eva ; Kunz, Michael ; Yasasin, Emrah ; Wagner, Gerit ; Prester, Julian ; Schryen, Guido ; Pernul, Günther

Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory

Weishäupl, Eva, Kunz, Michael, Yasasin, Emrah, Wagner, Gerit, Prester, Julian, Schryen, Guido und Pernul, Günther (2015) Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory. In: 2nd International Workshop on Security in highly connected IT Systems (SHCIS’15), 21-25 Sep 2015, Vienna, Austria. (Im Druck)

Veröffentlichungsdatum dieses Volltextes: 16 Jul 2015 14:37
Konferenz- oder Workshop-Beitrag
DOI zum Zitieren dieses Dokuments: 10.5283/epub.32143

[img]
Vorschau
Download ( PDF | 166kB)

Zusammenfassung

Nowadays, providing employees with failure-free access to various systems, applications and services is a crucial factor for organizations’ success as disturbances potentially inhibit smooth workflows and thereby harm productivity. However, it is a challenging task to assign access rights to employees’ accounts within a satisfying time frame. In addition, the management of multiple accounts and ...

Nowadays, providing employees with failure-free access to various systems, applications and services is a crucial factor for organizations’ success as disturbances potentially inhibit smooth workflows and thereby harm productivity. However, it is a challenging task to assign access rights to employees’ accounts within a satisfying time frame. In addition, the management of multiple accounts and identities can be very onerous and time consuming for the responsible administrator and therefore expensive for the organization. In order to meet these challenges, firms decide to invest in introducing an Identity and Access Management System (IAMS) that supports the organization by using policies to assign permissions to accounts, groups, and roles. In practice, since various versions of IAMSs exist, it is a challenging task to decide upon introduction of an IAMS. The following study proposes a first attempt of a decision support model for practitioners which considers four alternatives:
Introduction of an IAMS with Role-based Access Control RBAC) or without and no introduction of IAMS again with or without RBAC. To underpin the practical applicability of the proposed model, we parametrize and operationalize it based on a real world use case using input from an expert interview.

Beteiligte Einrichtungen

Details

DokumentenartKonferenz- oder Workshop-Beitrag (Paper)
DatumSeptember 2015
InstitutionenWirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
Informatik und Data Science > Fachbereich Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
Wirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Entpflichtete oder im Ruhestand befindliche Professoren > Professur für Wirtschaftsinformatik (Prof. Dr. Guido Schryen)
Stichwörter / KeywordsIdentity and Access Management; Economic Decision Making; Information Systems; Information Security Investment; Decision Theory
Dewey-Dezimal-Klassifikation000 Informatik, Informationswissenschaft, allgemeine Werke > 004 Informatik
StatusIm Druck
BegutachtetJa, diese Version wurde begutachtet
An der Universität Regensburg entstandenJa
URN der UB Regensburgurn:nbn:de:bvb:355-epub-321437
Dokumenten-ID32143

Bibliographische Daten exportieren

Hochladedatum:16 Jul 2015 14:37/Metadaten zuletzt geändert: 25 Nov 2020 23:50

Nur für Besitzer und Autoren: Kontrollseite des Eintrags
Downloadstatistik

Downloadstatistik

Weitere Literatur (mittels CORE)

Weitere Literatur (mittels CORE)

nach oben