Identity Lifecycle  |  Provisioning   |   Access Management  |  Roles Management  |  Access Governance

Create Identity

When a new employee or customer needs an electronic identity for the first time, one must be created. The create identity has the following steps:

  • Assign an identity to a specific role or roles (or to map roles to the identity as well, depending on the approach desired or chosen).
  • Map the appropriate rule sets for access to the new identity.
  • Allocate the necessary system resources (for example, home directory, printer) to get started.
  • Enhance any default privileges initially assigned based on the roles and rules mapped to them.
  • Programmatically authenticate to managed resource.
  • Check if the user exists.
  • Dynamically generate a Universal Unique Identity (UUID).
  • Create the user group.
  • Assign UUID to the group.

Change Identity

Change occurs in organizations, such as transfers and promotions. Change in Identity leads to

  • Remapping of existing roles and rules to new roles and rules based on the change.
  • Removing or Adding of access to various resources.
  • Re certification of existing privileges in various resources.

Identity Lifecycle

Access Resources : Identity during his tenure in the organization performs his day today activities. As part of his duties he is authenticated and authorized by IAM infrastructure. Multiple advanced authentication techniques and single sign on for Web applications are used as part of Access Management implementations.

Compliance : Identity goes through periodic review of its access privileges. As part of this identity compliance policy and processes associated with meeting compliance and security controls are implemented on an Identity.

As part of Compliance Management:

  • Validate that users have appropriate privileges
  • Be sure that privileges are granted in accordance with security policies
  • Monitor the effectiveness of identity management controls
  • Understand what roles exist in your organization, and then establish a role model that fits your organization
  • Analyze and maintain that role model as business evolves

Self Service : Self-service tasks are Identity Manager tasks that users can use to manage their own profiles. These tasks are divided into two types:

  • Public tasks :Tasks that users can access without providing login credentials. Examples of public tasks are self-registration, forgotten password, and forgotten user ID tasks.
  • Protected tasks :Tasks for which users provide valid credentials. Examples include tasks for changing passwords or profile information. To gain access to these tasks, users must be given a role, such as the Self Manager role.

Relationship Ends/Retire Identity : When Relationship ends or Identity Retires following steps are invoked:

  • Disable the Roles of an Identity
  • Disable the Rules of an Identity
  • Disable the Access of an Identity
  • Disable the Resources of an Identity


                                                    Copyright © 2016. Technical Strategies Inc., All Rights Reserved.