"Cybercrime costs firms USD 1 trillion globally" - Headlines like this
one, released by the Reuters news agency on 29th January 2009, have
regularly dominated the international press lately. Surveys indicate that insiders such as
employees are one of the biggest threats to data security within
organisations. As a result of improper account management, users
accumulate a number of excessive rights over time, resulting in
so-called identity chaos. With constantly growing IT
infrastructures on the one hand and legislative regulations
and laws on the other, role-based Identity Management in particular
has become a means of resolving identity chaos and meeting data
security requirements. However, the central challenge organisations face
in this context is how to construct a role catalogue for their Identity
Management infrastructure. Some companies deal with this issue by
applying predominantly manual procedures based on organisational and
operational structures. These approaches are known as Role Engineering
methodologies. Over the last few years, so-called Role Mining
methodologies, which use Data Mining techniques to cluster employees'
existing access rights, have evolved as an alternative approach.
Recent findings show that a combination of Role Engineering and Role
Mining is necessary to define a good collection of roles. This book
gives insight into a hybrid tool-supported methodology for cleansing
identity and account data and developing business roles for employees
using Role Engineering and Role Mining techniques. Its main goals are to
increase the overall user management data quality and support companies
throughout a semi-automated process of defining roles. The methodology
considers existing employee information and access privileges without
neglecting organisational structures and business experts' knowledge
about the organisation.