Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems
Issue No.05 - September/October (2011 vol.9)
David M. Liebovitz , Northwestern University
Carl A. Gunter , University of Illinois at Urbana-Champaign
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.72
Experience-based access management (EBAM) is a life-cycle model for identity and access management. It incorporates models, techniques, and tools to reconcile differences between the ideal access model, as judged by professional and legal standards, and the enforced access control, specific to the operational system. EBAM's principal component is an expected-access model that represents differences between the ideal and enforced models on the basis of access logs and other operational information. A technique called access rules informed by probabilities (ARIP) can aid EBAM in the context of healthcare organizations.
security and privacy protection knowledge; data engineering tools and techniques; security, integrity, and protection; public policy issues; privacy
David M. Liebovitz, Carl A. Gunter, "Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems", IEEE Security & Privacy, vol.9, no. 5, pp. 48-55, September/October 2011, doi:10.1109/MSP.2011.72