DEFINITION:
Access Management Service ABB is an Application Service allowing users to make use of i) IT services, ii) data, and/or iii) other assets. Access management helps to protect the confidentiality, integrity and availability of assets by ensuring that only authorized users are able to access or modify the assets.
Source: ITIL v3
(https://www.axelos.com/Corporate/media/Files/Glossaries/AXELOS-Common-Glossary.pdf)
Syn. Role Management Service
INTEROPERABILITY SALIENCY:
IoP Dimension: Behavioral IoP
The Access Management Service ABB is salient for technical interoperability because it provides the functionality of allowing user to make an authorized and trusted use of IT Services, data and other assets as stated in the EIF: "Public administrations should ensure that a 'data access and authorisation plan’ which determines who has access to what data and under what conditions, to ensure privacy. Unauthorised access and security breaches should be monitored and appropriate actions should be taken to prevent any recurrence of breaches"
EXAMPLES:
The following implementation is an example on how this specific Architecture Building Block (ABB) can be instantiated as a Solution Building Block (SBB):
Belgian Federal Public Service Policy and Support - Role Management service
The Role Management service gives access managers the possibility to manage roles. A role gives access to an online government application.
Characteristics:
• A federal access management platform for public e-gov applications
• Three separate contexts: Businesses, Officials and Independent
• Roles that can only be attributed by a specific group of managers for a specific application within one of the three contexts
• Two different security levels of the application depending on the sensitivity of the information: user name, password and token; and electronic identity card with associated PIN code
• Authentication when connecting to an application
• Support with the implementation of the service
• Support while the service is being used
Users: All public services and institutions that want a secure access management for their applications: federal public services and institutions; Communities and Regions; Provinces, municipalities and local public social welfare centres; businesses or persons implementing government contracts.
Requirements: application with Fedict Service Desk and signing up to a user agreement.
Source: (http://www.fedict.belgium.be/en/identificatie_beveiliging/rollenbeheer)
|
|
ID | ABB57 |
dct:type | eira:AccessManagementService |
dct:publisher | |
dct:modified | |
eira:status | [ Exists | Development planned ] |
eira:reusability_level | [ Excellent (90-100%) | Very good (75-89,9%) | Fair (50-74,9%) | Poor (0-49,9%) ] |
eira:reusability_score | |
eira:actual_reuse | [ Already reused | Reuse planned | No] |
eira:view | Technical view - Domain specific |