Thursday Aug 07, 2008

Role Management through Identity Manager, Role Manager or Both

We have just release Identity Manager 8.0, which is a major upgrade compared to its predecessors in terms of provisioning, management and reporting of identities and their roles.

Identity Manager 8.0 introduces the idea of typed roles, such as Business Roles, Applications Roles, Asset Roles, IT Roles, Functional Roles, .... that can be used to group entitlements (attributes, LDAP groups, accounts, ...), and can then be assigned as a role to one or more identities.
The assignment of roles can be optional, mandatory, or conditially based on existing rules or rules made on the fly through the onboard wizard.

With the release of Role Manager 4.x, that product also provides similar role management capabilities.
The question then lies on when to use which of these management environments, when to use identity manager and/or role manager, when to combine both products, which product allows role mining, etc ....

All this and more is answered in a new webcast explaining all the new stuff in Identity Manager 8.0, and zooming in on combining Identity Manager and Role Manager in an set-up for role management needs.

The webcast can be found at :
http://nettalk.sun.com/bhive/c/1000/1484/index.html?cid=222962

Thursday Jun 19, 2008

Do we need to clean up our mess before using a compliance product such as Sun Java System Role Manager ?

When it comes to using a compliance product, in order to prove compliance - your identity data has to be in a compliant state.
(it can't have any role/rule-based SOD violations, Certifications must be completed without outstanding revocations, etc ...).
Once your data is in order, opening up this quality type information to outsiders through techniques of provisioning or ideally federation could be the next step.
However, growing into a compliant state is a process and not just an action.
By that I mean that a product such as Sun Java System Role & Compliance Manager no only proves the compliant state, but helps you get there from the early messy state your data is in.

By using the ability to import external identity data, create, mine and manage business & IT roles, repeat review cycles at role/user and/or application level, the product allows you clean up your data, ending up with proper roles and properly linked users and entitlements, and manual workflow driven review mechanism that allows your data owners and line managers to review current assigned entitlements and verify the validity of them.   In case of violations, remediation can be triggered either via e-mail or via external provisioning solutions such as Sun Java System Identity Manager.

Compliance is therefore a constant running process that ensures the quality of your data becomes optimal, and stays optimal through a typical set of lifecycle operations on the involved identities.

More information on the product can be found at : http://www.sun.com/software/products/rolemanager

About

Bert Van Beeck is a Senior Software Architect at Sun Microsystems, specialized in Sun's Identity Management portfolio. He's part of the Northern European pre-sales software team.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today