|
|
||
06/25/07 |
 
|
Dr. Ron
Rymon
|
 |
Construction of a role-based privileges Model. Also known as role engineering, this has been a major obstacle to the deployment of role-based provisioning systems. We have solved this problem applying pattern recognition technology to reverse engineer the existing privileges. |
|
Deployment of this privileges model in a provisioning system of choice. Sage role-based models can be deployed at virtually any IdM/Provisioning system, including those offered by the major vendors, but also homegrown systems. |
|
Adaptation of this privileges model to changes in the business that affect users roles, e.g., merger and split of responsibilities, again utilizing our pattern recognition technology |
Eurekify's Sage DNA software was then extended to leverage this role-based privileges model to automate compliance verification at the level in which it was intended to be done, i.e., at the business roles level, rather than at the tactical IT privileges level.
|
Role-based and Pattern-based Privileges Auditing. This includes reviewing the privileges and role definitions to identify out-of-pattern privileges, duplicate and overlapping role definitions, etc. |
|
Compliance with policies and regulations. This includes a rule and constraints engine on top of role definitions and the raw privileges. This engine reviews the existing privileges vis-a-vis segregation of duty rules and other business process rules and constraints. |
|
Ongoing Role Management and Reporting. Sage's web-based Reporting Server provides reports for the ongoing administration of role definitions; for role engineering; and reports for IT, Security, and Compliance executives. |
This site was last updated 11/19/05
