CMIT 425 – Week 5
Identity and access management systems are powerful tools that have the very real ability to boost the
information assurance and resulting consumer confidence of a business or organization. These systems
come with a myriad of benefits that enable them to tackle many of the different
issues and concerns that a modern company faces, irrespective of that organization's actual size. Some of
the most important of these factors are as follows.
Enhancing and reworking modern end-user functionality and implementing quality of life improvements.
The most important integration is most likely a standard SSO (single sign-on) program that enables a
single login to function across a multitude of different services. In essence, instead
of logging into the workstation, then your email, then the other programs you might need to do your
job, you now only require a single overarching login. This reduces the frequency and impact of
having to remember dozens of passcodes and usernames, and thus also reduces some unnecessary strain
on the IT department itself. In short, it makes the life of the employee simpler while cutting manpower
SSO implementation ties itself into the second part, which is the overall security of the system as a whole
via a system of security profiling. Certain high-security areas of a network, such as those containing
sensitive information, do not need to be included in the automatic sign-on of an SSO system. Including
these would be counterproductive because if a person is able to breach the first layer of defense, they would
already have full access. This adds an additional layer of security at virtually no cost and no
waste in manpower. This is especially valuable for those employees that work internationally or from
home in a telework fashion (Roussos 2003). All that is required is an efficient subdivision of access
policies and their distribution to the proper individuals.
Furthermore, identity and access management also enables an efficient, customizable and automated
reporting and auditing system to be used. This is a powerful tool that enables a business to monitor the
flow of its data and the manner in which it is used without employing legions of further personnel to do
so (Xiong 2014). Keywords and entire databases can be monitored and audited with speed, and the most
sensitive data can be tracked and followed so that whenever something is done that could be suspicious,
the right people are alerted immediately.
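The two points above (sensitive areas kept outside the SSO session, and automated auditing with alerts) can be sketched as one access decision function. This is an added example, not part of the original essay; the resource names, roles and the 15-minute limit are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy (hypothetical names): which resources ride on the SSO
# session, and which restricted ones need their own recent, separate login.
SSO_COVERED = {"workstation", "email", "timesheet"}
RESTRICTED = {"hr-records": {"hr"}, "finance-db": {"finance"}}  # resource -> roles
MAX_DIRECT_AUTH_AGE = 900  # seconds a separate login to a restricted area stays valid

@dataclass
class Session:
    user: str
    roles: set
    sso_login_at: float
    direct_logins: dict = field(default_factory=dict)  # resource -> login time

def authorize(session, resource, now, audit_log, alerts):
    """Decide access, record the decision, and alert on restricted denials."""
    if resource in SSO_COVERED:
        decision, reason = "allow", "sso-session"
    elif resource in RESTRICTED:
        direct = session.direct_logins.get(resource)
        if not (session.roles & RESTRICTED[resource]):
            decision, reason = "deny", "role-not-permitted"
        elif direct is None:
            # An SSO session alone never opens a restricted area.
            decision, reason = "deny", "separate-login-required"
        elif now - direct > MAX_DIRECT_AUTH_AGE:
            decision, reason = "deny", "separate-login-expired"
        else:
            decision, reason = "allow", "direct-login"
    else:
        decision, reason = "deny", "unknown-resource"
    entry = {"time": now, "user": session.user, "resource": resource,
             "decision": decision, "reason": reason}
    audit_log.append(entry)          # every decision is auditable
    if decision == "deny" and resource in RESTRICTED:
        alerts.append(entry)         # denied attempts on sensitive data raise an alert
    return decision, reason
```

A stolen or hijacked SSO session here reaches only the SSO-covered resources; every attempt on a restricted one is denied, logged and surfaced as an alert.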
Ultimately, the biggest benefit that such a management system provides, beyond even the enhanced
security and the quality of life improvements, is the enhancement of efficiency and the cost savings that
come along with it. The work that used to require a dozen people is reduced down to only one person
evaluating the reports and managing the software to ensure it works properly (Satchell 2011). It is
instrumental when dealing with large corporations in order to keep an eye on potentially hundreds of
workstations at the same time while avoiding an expensive and bloated IT department.
George Roussos, Don Peterson, & Uma Patel. (2003). Mobile Identity Management: An Enacted View. International Journal of Electronic Commerce, (1), 81. Retrieved from ?
Jinbo Xiong, Zhiqiang Yao, Jianfeng Ma, Ximeng Liu, Qi Li, & Jun Ma. (2014). PRIAM: privacy preserving identity and access management scheme in cloud. KSII Transactions on Internet and Information Systems, (1), 282. org.ezproxy.umuc.edu/10.3837/tiis.2014.01.017
Satchell, C., Shanks, G., Howard, S., & Murphy, J. (2011). Identity crisis: user perspectives on multiplicity and control in federated identity management. Behaviour & Information Technology, 30(1), 51–62. org.ezproxy.umuc.edu/10.1080/01449290801987292
The identification process is defined as the establishment of the user’s actual identity and the
confirmation thereof. The process in this phase is based upon nothing other than the user’s own input.
The authentication process concerns itself with the full verification of who the user has claimed to be.
This can consist of any number of processes, from the insertion of a CAC card, to the showing of an ID at
the gate of a military base facility, to the simple entering of a PIN or passcode with a username.
The authorization process is an ultimate fusion of both preceding processes for the purpose of proper
disbursement of requisite user access protocols.
This phase is defined as the component which permits the monitoring of all persons and their access
rights in order to ensure correct assignment of roles, rights, policies and procedures.
Definition, Race Condition:
A race condition takes place when any form of asset launches the attempt to conduct an operation that
is outside the scope of its assigned purpose or policy (Butelle 2011).
Reference:
Butelle, F., & Coti, C. (2011). A Model for Coherent Distributed Memory For Race Condition Detection. Retrieved from ?