A Practical Approach to Enterprise Identity Management

IAM systems streamline and secure enterprise-wide access administration by consolidating identity lifecycle processes into a shared infrastructure. Previous approaches to consolidated user administration have focused on constructing and maintaining a formal model of user privileges, including roles and rules, that predicts what accounts and rights should be assigned to any given user, based on user classification via identity attributes. This document introduces a more balanced strategy for large-scale administration of identities and access rights.