An Access Control Solution for the Inter-Organizational Use of ITIL Federated Configuration Management Databases

Governance, Risk, and Compliance (GRC) Management is on the edge of becoming one of the most important business activities for enterprises. Consequently, IT departments and IT service providers must sharpen their alignment to business processes and demands. Fulfilling these new requirements is supplemented by best practice frameworks, such as ITIL, which define a complete set of IT Service Management (ITSM) processes. Many ITSM processes rely on accurate information which is provided by the Configuration Management (CM) process and stored in a database called CMDB. As it is next to impossible to store all the necessary data in a single huge database, the distributed storage of so-called configuration items and their relationships has become rather wide-spread and is termed CMDB federation (CMDBf).