Information Technology Reference
In-Depth Information
standards are applied across all development projects, that the skill of
the programmer does not affect the level of security provided, and that
changes made to an identity and its access rights are more rapidly propa-
gated to all resources.
An example of this involves the development of portlets and Web
parts designed to operate within a portal's authentication and authoriza-
tion umbrella. Such applications can be rapidly created, tested, certified,
and deployed because there is no need to develop authentication and
access control code for each applet. The portal hosting application pro-
vides all security and access control functions using a central authentica-
tion solution.
Assign Rights to Groups
Effective enterprise organization supports efficient rights assignment.
Rights and access restrictions should be assigning to groups and roles
rather than directly to individual identities. This simplifies rights man-
agement and avoids accidental conflict and rights management complex-
ity. Nested groups and roles can produce complex fine resolution access
rights using easily maintained configurations. Each level of organization
and rights assignment subsumes all levels of higher-order inheritance,
improving troubleshooting and problem identification in larger enter-
prises. This practice ensures that access controls are correctly changed
upon role transfer or reassignment.
Employ Identity Management Solutions
Identity management automation saves time and can quickly pay for
itself with direct benefits in terms of time, effort, user acceptance, and
regulatory compliance. These solutions require careful planning to ensure
integration across an extended enterprise. A simplified authentication
landscape will improve management ease, while workflow and automated
provisioning can enhance resource availability across varied authoriza-
tion domains. These solutions are most appropriate in medium-to-large
enterprise environments, though they are also used in smaller networks
in order to support legacy authentication systems or self-service needs
created by a highly mobile workforce.
Search WWH ::




Custom Search