Introducing RBAC achieves cost-effective and simpler administration of users and their rights. Much more important, however, is the clear allocation of roles with regard to compliance requirements such as segregation of duties (SoD) or entitlement certifications. For automatic provisioning in an IAM system, forming roles according to RBAC is imperative. We regard the elaboration of an RBAC-based role model as central: it is the guarantee of an efficient identity and access management system.

Role-based access control (RBAC) for secure access management and control in your company!

The situation in many companies:

  • There are many "ghost" accounts
  • Critical permissions are not systematically checked
  • Employees collect many rights over time that they no longer need to carry out their tasks
  • Assigning rights individually is time-consuming and error-prone
  • Compliance requirements can hardly be met
  • Audits are a nightmare for the responsible persons
  • High administrative costs
  • Potential for improvement in the area of roles and rights lies fallow
  • Increased risk of misuse of access rights

The goals of RBAC are:

  • Creating role hierarchies with inheritable roles
  • Rules for user access according to the compliance requirements (SoD)
  • Ensuring controlled access to business systems
  • Cost savings (Administration)
  • Quality improvement and effective identity processes throughout the user lifecycle

Step by step to the role model:

  • Show role mining potential
  • Perform situation analysis bottom-up
  • Identify and evaluate sources, develop a recommendation
  • Analysis of existing entitlements and authorization processes (entry, exit, change) for roles and accounts
  • Risk and Vulnerability Reporting
  • Outline of the approach for a logical target role model, introducing best practices and suggestions for improvement
  • Create the role model
  • Validating roles
  • Assignment of rights to business roles (permissions)
  • Development of Entitlements for the automatic assignment of rights
  • Role Reengineering - Role Life Cycle