Reference document

Privilege Management Application

The Privilege Management Application allows users to establish and maintain the entitlement or privilege attributes that comprise an entity’s access profile. These attributes complement identity attributes which represent characteristics about a person that make it possible to uniquely identify them as an individual and which are managed within Identity Management. Privilege management supports updates to privileges over time as an entitys access needs change. Privileges, when combined with access control policies and resource access rules, are used to make intelligent access control (authorization) decisions. The authorization decision relies on the presence or absence of one or more specific entitlement attributes. The most common entitlement attributes include employer details, job duties, locations, special qualifications, certifications. Most often,collections of certain entitlement attributes are combined to develop Access Roles. Individuals in a particular role share similar information needs and as a result they likely share similar entitlement attributes. Use of roles or similar attribute groupings significantly reduces the complexity involved in managing user privileges.

Access Management Applications