The Community for Technology Leaders
Green Image
Issue No. 05 - September/October (2011 vol. 9)
ISSN: 1540-7993
pp: 48-55
David M. Liebovitz , Northwestern University
Bradley Malin , Vanderbilt University
Carl A. Gunter , University of Illinois at Urbana-Champaign
ABSTRACT
Experience-based access management (EBAM) is a life-cycle model for identity and access management. It incorporates models, techniques, and tools to reconcile differences between the ideal access model, as judged by professional and legal standards, and the enforced access control, specific to the operational system. EBAM's principal component is an expected-access model that represents differences between the ideal and enforced models on the basis of access logs and other operational information. A technique called access rules informed by probabilities (ARIP) can aid EBAM in the context of healthcare organizations.
INDEX TERMS
security and privacy protection knowledge; data engineering tools and techniques; security, integrity, and protection; public policy issues; privacy
CITATION
David M. Liebovitz, Bradley Malin, Carl A. Gunter, "Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems", IEEE Security & Privacy, vol. 9, no. , pp. 48-55, September/October 2011, doi:10.1109/MSP.2011.72
92 ms
(Ver )