{"language":[{"iso":"eng"}],"date_updated":"2022-01-06T07:02:04Z","type":"conference","publication":"2nd International Workshop on Security in highly connected IT Systems (SHCIS?15)","status":"public","year":"2015","extern":"1","author":[{"full_name":"Weishäupl, Eva","last_name":"Weishäupl","first_name":"Eva"},{"last_name":"Kunz","full_name":"Kunz, Michael","first_name":"Michael"},{"first_name":"Emrah","last_name":"Yasasin","full_name":"Yasasin, Emrah"},{"first_name":"Gerit","last_name":"Wagner","full_name":"Wagner, Gerit"},{"last_name":"Prester","full_name":"Prester, Julian","first_name":"Julian"},{"first_name":"Guido","last_name":"Schryen","id":"72850","full_name":"Schryen, Guido"},{"first_name":"Günther","last_name":"Pernul","full_name":"Pernul, Günther"}],"_id":"5590","title":"Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory","department":[{"_id":"277"}],"user_id":"61579","citation":{"mla":"Weishäupl, Eva, et al. “Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory.” <i>2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15)</i>, 2015.","bibtex":"@inproceedings{Weishäupl_Kunz_Yasasin_Wagner_Prester_Schryen_Pernul_2015, title={Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory}, booktitle={2nd International Workshop on Security in highly connected IT Systems (SHCIS?15)}, author={Weishäupl, Eva and Kunz, Michael and Yasasin, Emrah and Wagner, Gerit and Prester, Julian and Schryen, Guido and Pernul, Günther}, year={2015} }","ama":"Weishäupl E, Kunz M, Yasasin E, et al. Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory. In: <i>2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15)</i>. ; 2015.","ieee":"E. Weishäupl <i>et al.</i>, “Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory,” in <i>2nd International Workshop on Security in highly connected IT Systems (SHCIS?15)</i>, 2015.","short":"E. Weishäupl, M. Kunz, E. Yasasin, G. Wagner, J. Prester, G. Schryen, G. Pernul, in: 2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15), 2015.","apa":"Weishäupl, E., Kunz, M., Yasasin, E., Wagner, G., Prester, J., Schryen, G., &#38; Pernul, G. (2015). Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory. In <i>2nd International Workshop on Security in highly connected IT Systems (SHCIS?15)</i>.","chicago":"Weishäupl, Eva, Michael Kunz, Emrah Yasasin, Gerit Wagner, Julian Prester, Guido Schryen, and Günther Pernul. “Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory.” In <i>2nd International Workshop on Security in Highly Connected IT Systems (SHCIS?15)</i>, 2015."},"ddc":["000"],"file":[{"file_size":166015,"creator":"hsiemes","date_updated":"2018-12-13T15:09:54Z","date_created":"2018-12-07T11:46:28Z","relation":"main_file","content_type":"application/pdf","access_level":"open_access","file_name":"Towards an Economic Approach to IAMS.PDF","file_id":"6040"}],"has_accepted_license":"1","oa":"1","abstract":[{"lang":"eng","text":"Nowadays, providing employees with failure-free access to various systems, applications and services is a crucial factor for organizations? success as disturbances potentially inhibit smooth workflows and thereby harm productivity. However, it is a challenging task to assign access rights to employees? accounts within a satisfying time frame. In addition, the management of multiple accounts and identities can be very onerous and time consuming for the responsible administrator and therefore expensive for the organization. In order to meet these challenges, firms decide to invest in introducing an Identity and Access Management System (IAMS) that supports the organization by using policies to assign permissions to accounts, groups, and roles. In practice, since various versions of IAMSs exist, it is a challenging task to decide upon introduction of an IAMS. The following study proposes a first attempt of a decision support model for practitioners which considers four alternatives: Introduction of an IAMS with Role-based Access Control RBAC) or without and no introduction of IAMS again with or without RBAC. To underpin the practical applicability of the proposed model, we parametrize and operationalize it based on a real world use case using input from an expert interview."}],"keyword":["Identity and Access Management","Economic Decision Making","Information Systems","Information Security Investment","Decision Theory"],"file_date_updated":"2018-12-13T15:09:54Z","date_created":"2018-11-14T11:27:20Z"}