Identity & Access Management

Get in control: IT Governance, people, permission and technical challenges.

Master thesis (2009)

Authors

G. Koelewijn

Contributors

B.R. Sodoyer (mentor)

H.J.A.M. Geers (mentor)

R. Bakker (mentor)

J.L.G. Dietz (mentor)

Department

Information System Design () (TU Delft)

Identity and Access Management

To reference this document use:

http://resolver.tudelft.nl/uuid:47e228e5-645e-497c-a5e2-ec3b4df5e299

More Info

expand_more

Published Date

18-02-2009

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Information System Design

Abstract

Identity and Access Management (IAM) is about managing “Who has permission to do what on which data and why?” at technical and process level. This is a very complex problem for organizations, because of heterogeneous technology and complex processes. Together with the continuous change in organizations, managing “Who has permission to do what on which data and why?” is a real challenge. (For example: change of working processes, change of people, change of jobs, change of information systems or change of the organization when merging with other organizations.) Current insights, based on practical experience, reflect that IAM is 20% about technology and 80% about processes and IT Governance. In general IT governance literature and frameworks, IAM is only a small topic. IAM specific literature is often only about technology, of course with a few exceptions. One may conclude a gap exists between IAM technology and IT governance literature/frameworks. In short, this research will try to: “Close the gap between IAM technology and general security or IT governance frameworks.” This knowledge will enable organizations to establish IAM more efficiently, without having to go through every known pitfall. The research is performed in 7 chronological steps: 1. Using the results of the literature study on COBIT as guidance in practical applications. (Chapter 2.) 2. Setting the research environment and boundary by a general introduction to the term Identity and Access Management as it will be used in this research. (Chapter 3.) 3. Developing insight in why organizations want to implement an IAM process and how IAM will be used to their benefit. (Chapter 4.) 4. Creating a generic IAM process model based on the literature study, former chapters and practical experience. (Chapter 5.) 5. Business Case: an assignment to implement an IAM process in a large organization. The process model is used as a starting point for this assignment. (Chapter 6 to 12.) 6. Compare theory to practical experiences gained in the business case. (Chapter 13.) 7. Ideas for further research (Chapter 14.)

Files

Thesis_-_Identity__Access.pdf

(pdf | 0.536 Mb)