People have the highest value in each system. Identity management of individuals identified in the system and controls access to resources. Managing user rights optimize the use of the most important assets.
Common requirements for centralized identity management and centralized management of user rights:
Some of these requirements are specific in light of the users needs, while the others are general.
Generally, use the best methods and procedures known in the market provides users with a fast return on investment.
Implementation of the solution can be divided into two phases.
In the first phase it is necessary to create a so-called Identity Vault. The Identity Vault must contain stored information about all users, permanent and temporary employees and the associates. In addition to the Identity Vault keeps the information and access rights for all IT systems. Identity Vault, created by the principle of access rights verifies users and user rights from the perspective of IT systems. Records kept by Identity Vault can be changed with respect to pre-set procedures, ie. workflows.Through the workflows the user information and access rights could be entered, modifyed or deleted. Workflow helps the processes, but does not automate them completely.
There are pre-set solution for implementing the first phase of the project ('of-the-shelf') with a predetermined process of allocation of user rights. Using this method, the implementation can be done in a short time with little risk.
If there is no clearly defined and documented management procedurer, it needs to be produced at the beginning of the project.
The second phase relates to issues of integration and distribution of certified coupled systems. Integration with third-party applications is possible using existing software elements (connectors). For applications made 'in house' the creation of new connectors is needed. When producing the connectors for these applications it is desirable to use standard interfaces, if possible. Non-standard methods may require the engagement of development teams, and may have implications for the rights of use the intellectual property. It is very important to implement a module for the routine comparison and adjustment to the current access rights of data from the Identity vault. This process is required for regulatory compliance and to prevent conflicts of interest.
The second phase typically involves the development of custom components. During the development phase of the components are connected into a production environment is therefore necessary to develop precise and carefully testing new components. Customized components must be thoroughly documented as this will change in an integrated system, reflected in the custom modules.
Precise determination of the scope of the project is the foundation of the project's success. The proposed project consists of the following steps:
These tasks are precisely defined and can be successfully implemented. Upon execution of these tasks, the user will achieve:
The system will be built on the basis of these specifications will enable the foundation for further development: