Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory

E. Weishäupl, M. Kunz, E. Yasasin, G. Wagner, J. Prester, G. Schryen, G. Pernul, in: 2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15), 2015.

Download
OA 166.01 KB
Conference Paper | English
Author
; ; ; ; ; ;
Abstract
Nowadays, providing employees with failure-free access to various systems, applications and services is a crucial factor for organizations? success as disturbances potentially inhibit smooth workflows and thereby harm productivity. However, it is a challenging task to assign access rights to employees? accounts within a satisfying time frame. In addition, the management of multiple accounts and identities can be very onerous and time consuming for the responsible administrator and therefore expensive for the organization. In order to meet these challenges, firms decide to invest in introducing an Identity and Access Management System (IAMS) that supports the organization by using policies to assign permissions to accounts, groups, and roles. In practice, since various versions of IAMSs exist, it is a challenging task to decide upon introduction of an IAMS. The following study proposes a first attempt of a decision support model for practitioners which considers four alternatives: Introduction of an IAMS with Role-based Access Control RBAC) or without and no introduction of IAMS again with or without RBAC. To underpin the practical applicability of the proposed model, we parametrize and operationalize it based on a real world use case using input from an expert interview.
Publishing Year
Proceedings Title
2nd International Workshop on Security in highly connected IT Systems (SHCIS?15)
LibreCat-ID

Cite this

Weishäupl E, Kunz M, Yasasin E, et al. Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory. In: 2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15). ; 2015.
Weishäupl, E., Kunz, M., Yasasin, E., Wagner, G., Prester, J., Schryen, G., & Pernul, G. (2015). Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory. In 2nd International Workshop on Security in highly connected IT Systems (SHCIS?15).
@inproceedings{Weishäupl_Kunz_Yasasin_Wagner_Prester_Schryen_Pernul_2015, title={Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory}, booktitle={2nd International Workshop on Security in highly connected IT Systems (SHCIS?15)}, author={Weishäupl, Eva and Kunz, Michael and Yasasin, Emrah and Wagner, Gerit and Prester, Julian and Schryen, Guido and Pernul, Günther}, year={2015} }
Weishäupl, Eva, Michael Kunz, Emrah Yasasin, Gerit Wagner, Julian Prester, Guido Schryen, and Günther Pernul. “Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory.” In 2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15), 2015.
E. Weishäupl et al., “Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory,” in 2nd International Workshop on Security in highly connected IT Systems (SHCIS?15), 2015.
Weishäupl, Eva, et al. “Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory.” 2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15), 2015.
Main File(s)
Access Level
OA Open Access
Last Uploaded
2018-12-13T15:09:54Z


Export

Marked Publications

Open Data LibreCat

Search this title in

Google Scholar