Home page logo
/

basics logo Security Basics mailing list archives

Re: Access Rights tracking system
From: "Kurt Buff" <kurt.buff () gmail com>
Date: Wed, 26 Dec 2007 13:57:04 -0800

On Dec 26, 2007 7:15 AM, ыфзкфт <sapran () gmail com> wrote:
Hi list.

I am looking for the software solution to fit the following needs. Any
help would be appreciated. I tried to ask google on this, but maybe I
just cant form the correct search string...

The software must provide for tracking access rights of a person
during their employment. There must be a sort of global access matrix
and several basic and specific security roles. First, HRs must place a
request for the basic set of access rights for a new employee. Second,
an employee's manager should request for a job's specific rights.
Next, since an employee might change their job role, there must be the
way to change their access rights. There must be features to apply
access rights on temporary or scheduled basis, for affiliates and
auditors. Finally, there must be the way to suspend and terminate an
employee's access rights due to their dismissal.

Every request for a set of access rights must be approved by the
managers responsible for access rights assignment. That wold be nice
if the software might email those managers asking for approval anytime
the request is placed.

We have a medium sized company and no advanced identity management or
single login system is needed. So, this should be a framework for
access rights accounting.

Thanks in advance, have a nice day.

--
sapran

This is one of the holy grails of user management - it's often called
user or employee provisioning, and often does what you want, plus
more, such as set up email accounts and group memberships, keep track
of company equipment that's been issued, such as laptops, cell phones,
PDAs and keys to various locks, and also keep employee information up
to date, such has home address, home phone number, etc.

We're in the process of building one, but what you get will depend
heavily on what you already have in your environment (server OS,
database preference, etc.), and as you didn't specify that, it's going
to be hard to make recommendations.

Kurt

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]