Experience-based access management: A life-cycle framework for identity and access management systems

Carl Gunter*, David Liebovitz, Bradley Malin

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

30 Scopus citations

Abstract

Experience-based access management (EBAM) is a life-cycle model for identity and access management. It incorporates models, techniques, and tools to reconcile differences between the ideal access model, as judged by professional and legal standards, and the enforced access control, specific to the operational system. EBAM's principal component is an expected-access model that represents differences between the ideal and enforced models on the basis of access logs and other operational information. A technique called access rules informed by probabilities (ARIP) can aid EBAM in the context of healthcare organizations.

Original languageEnglish (US)
Article number5887313
Pages (from-to)48-55
Number of pages8
JournalIEEE Security and Privacy
Volume9
Issue number5
DOIs
StatePublished - Sep 1 2011

Keywords

  • and protection
  • data engineering tools and techniques
  • integrity
  • privacy
  • public policy issues
  • security
  • security and privacy protection knowledge

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Fingerprint Dive into the research topics of 'Experience-based access management: A life-cycle framework for identity and access management systems'. Together they form a unique fingerprint.

Cite this