Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems
Issue No. 05 - September/October (2011 vol. 9)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.72
Carl A. Gunter , University of Illinois at Urbana-Champaign
David M. Liebovitz , Northwestern University
Bradley Malin , Vanderbilt University
Experience-based access management (EBAM) is a life-cycle model for identity and access management. It incorporates models, techniques, and tools to reconcile differences between the ideal access model, as judged by professional and legal standards, and the enforced access control, specific to the operational system. EBAM's principal component is an expected-access model that represents differences between the ideal and enforced models on the basis of access logs and other operational information. A technique called access rules informed by probabilities (ARIP) can aid EBAM in the context of healthcare organizations.
security and privacy protection knowledge; data engineering tools and techniques; security, integrity, and protection; public policy issues; privacy
D. M. Liebovitz, B. Malin and C. A. Gunter, "Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems," in IEEE Security & Privacy, vol. 9, no. , pp. 48-55, 2011.