Week 5 Discussion 1.docx - CMIT 425 – Week 5 Discussion I...

This preview shows page 1 out of 2 pages.

Unformatted text preview: CMIT 425 – Week 5 Discussion I 4. Identity and access management systems are powerful tools that have the very real ability to boost the information assurance and resulting consumer confidence of a business or organization. These systems come with a myriad selection of different benefits that enable them to tackle many of the different issues and concerns that a modern company faces, irrelevant of that organizations actual size. Some of the most important of these factors are as follows. Enhancing and reworking modern end-user functionality and implementing quality of life improvements. The most important integration is most likely a standard SSO (Single sign on) program that enables a singular log in to function across a multitude of different services. In essence what this is, is that instead of logging into the workstation, then your email, then your other programs you might need to do your job, you now only require a singular over-arching log in. This reduces the frequency and impact that having to remember dozens of passcodes and usernames and thus also reduces some unnecessary strain on the IT department itself. In short it makes the life of the employee simpler while cutting manpower waste. SSO implementation ties itself into the second part which is the overall security of the system as a whole via a system of security profiling. Certain high security areas of a network, such as those containing sensitive information do not need to be included with the automatic sign on of an SSO system. Including these would be counterproductive as if a person is able to breach the first layer of defense, they would already have full access. This succinctly adds in an additional layer of security at virtually no cost and no waste in manpower. This is especially valuable for those employees that work internationally or from home in a telework fashion(Roussos 2003). All that is required is an efficient subdivision of access policies and their distribution to the proper individuals. Furthermore, Identity and Access management also enables an efficient, customizable and automated reporting and auditing system to be used. This is a powerful tool that enables a business to monitor the flow of its data and the manner in which it is used without employing legions of further personnel to do so(Xiong 2014). Keywords and entire databases can be monitored and audited with speed, the most sensitive data can be tracked and followed so that whoever something is done that could be suspicious, the right people are alerted immediately. Ultimately the biggest benefit that such a management system provides, beyond even the enhanced security and the quality of life improvements, is the enhancement of efficiency and the cost savings that come along with it. The work that used to require a dozen people is reduced down to only one person evaluating the reports and managing the software to ensure it works properly(Satchell 2011). It is instrumental when dealing with large corporations in order to keep an eye on potentially hundreds of workstations at the same time while inhibiting an expensive and bloated IT department. References: George Roussos, Don Peterson, & Uma Patel. (2003). Mobile Identity Management: An Enacted View. International Journal of Electronic Commerce, (1), 81. Retrieved from ? direct=true&db=edsjsr&AN=edsjsr.27751088&site=eds­live&scope=site Jinbo Xiong, Zhiqiang Yao, Jianfeng Ma, Ximeng Liu, Qi Li, & Jun Ma. (2014). PRIAM: privacy preserving identity and access management scheme in cloud. KSII Transactions on Internet and Information Systems, (1), 282. ­org.ezproxy.umuc.edu/10.3837/tiis.2014.01.017 Satchell, C., Shanks, G., Howard, S., & Murphy, J. (2011). Identity crisis: user perspectives on multiplicity and control in federated identity management. Behaviour & Information Technology, 30(1), 51–62. ­org.ezproxy.umuc.edu/10.1080/01449290801987292 5. Identification process: The identification process is defined as the establishment of the user’s actual identity and the confirmation thereof. This process in this phase is based upon nothing other than the users own input. Authentication: The authentication process concerns itself with the full verification of who the user has claimed to be. This can consist of any number of processes, from the insertion of a CAC card, to the showing of an ID at the gate of a military base facility, to the simple entering of a pin number or passcode with username. Authorization: The authorization process is an ultimate fusion of both preceding processes for the purpose of proper disbursement of requisite user access protocols. Accountability: This phase is defined as the component which permits the monitoring of all persons and their access rights in order to ensure correct assignment of roles, rights, policies and procedures. Definition, Race Condition: A race condition takes place when any form of asset launches the attempt to conduct an operation that is outside the scope of its assigned purpose or policy(Butelle 2011). Reference: Butelle, F., & Coti, C. (2011). A Model for Coherent Distributed Memory For Race Condition Detection. Retrieved from ? url= ? direct=true&db=edsarx&AN=edsarx.1101.4193&site=eds­live&scope=site ...
View Full Document

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture