Role Lifecycle Management
Roles? Where we are going we don’t need Roles. Well, OK, maybe we do.
Role management is a critical component in addressing governance and compliance requirements for user access to applications and data. Roles support compliance by aligning access privileges to an entity’s job functions within the organization and providing a business context to lower-level entitlements and permissions, which can then be reviewed by management and/or applicable applications owners.
In Role Lifecycle Management, Role Based Access Control (RBAC) and Role Based Provisioning allow for course-grained and fine-grained real time user/entity provisioning and authorization decisions.
Role Based Access Control (RBAC)
In RBAC, application entitlements are associated with roles, and users are made members of roles thereby acquiring the roles’ application entitlements. Roles are defined based on information about users, e.g. department, job function, location, etc., to automate access and validate the appropriateness of entitlements that are granted.
A role-based access control model (RBAC) is used to govern application access requests, including add, change, and remove. The motivation behind RBAC is to simplify and automate administration, audit, and reporting.
Role Based Provisioning
Role Based Provisioning is a process that allows for the provision of access for an user or entity to a specific set of applications or services based on the role or roles said entity is assigned to. Alternatively, a Role change for an user/entity can trigger the removal of entitlements as well as the addition of new entitlements using a managed process.