Identity Management and Access Control

Free registration required

Executive Summary

This paper provides an introduction and a broad overview to identity management and access control. In a computerized accounting environment, identity management and access control are the means by which segregation of duties is implemented and enforced. Identity management is meant to support the identification of authorized users. It is a lifecycle activity that involves the establishment, management, and retention (or deletion) of identity information, as well as user enrolment in a system defined by individual and group memberships that assign various levels of access to resources based on business roles and responsibilities. Various authentication techniques used for identification are passwords, biometrics, tokens, tickets, Single-Sign On (SSO), and multiple authentication factors. On the other hand, access management is the control exerted over the user's ability to see, use, change, or delete applications or resources, or to access system or application functionality within a computer network. Access control involves the regulation and restriction of user access to control information and functionality. Individual identities are associated to access rights to specific information and resources within an environment, system or network, and application, based job descriptions and roles. In order to access a given system, application or function, the user must establish their identity, and that identity must be affiliated with rights or permissions to the system, application or function with the system, application or function the user is attempting to access.

  • Format: PDF
  • Size: 1631.6 KB