Managing the Access Grid - A Process View to Minimize Insider Misuse Risks

It is generally agreed upon the fact that the quality of Identity- and Access Management (IAM) data such as user accounts, access privileges or consistent user representation among different security domains is low. Growing user populations in medium- and large-sized organizations lead to a so called “identity chaos” in which over-privileged employees increase the risk of insider misuse. Recent governance and compliance mandates have amplified the importance of minimizing these risks. In order to fulfill these requirements, organizations focus on implementing role-based user management. To set up a role-based access control system, they face the challenge of modeling suitable roles for their employees. In this paper we show how the role modeling process can be improved by utilizing the so called access grid, a visualization technique to incorporate human interaction into the process of role creation.