RoleBased Security Solutions - PowerPoint PPT Presentation

1 / 21
About This Presentation
Title:

RoleBased Security Solutions

Description:

The driving force behind Role-Based Security is the shift towards an information ... Role-based security can prescribe not only who or what process may have access ... – PowerPoint PPT presentation

Number of Views:93
Avg rating:3.0/5.0
Slides: 22
Provided by: albert5
Category:

less

Transcript and Presenter's Notes

Title: RoleBased Security Solutions


1
Role-Based Security Solutions
  • Albert Torres
  • Director of IT and RD
  • albert_at_payplusbenefits.com
  • www.payplussolutions.com
  • IMA
  • December 7th, 2004

2
Outline
  • Background
  • Define the current problem
  • Define Role-Based Security
  • How does this solution work
  • Conclusion

3
Background
  • The driving force behind Role-Based Security is
    the shift towards an information-based business
    economy and the Internet.
  • Most business organizations realize that
    information must be stored, retrieved, analyzed,
    and acted on at a moment's notice.

4
Background
  • Today more people need
  • More access
  • More security
  • More information
  • More often
  • In order to make more decisions
  • Businesses are operating under hyper-competition.

5
Background
  • One of the primary purposes of an information
    system is decision support.
  • Every person involved in the organization
    participates in some level of decision making.

6
Define the Problem
  • Most information systems were designed before the
    current implementation or use of the Internet.
  • Many information systems can have an
    unprecedented amount of information.

7
Define the Problem
  • While solving one problem of granting more
    information, it created a whole new set of
    problems.
  • Some examples include
  • Privacy and Security Concerns
  • New regulations such as
  • HIPPA Compliance

8
Define the Problem
  • Privacy and Security Concerns
  • A large amount of personal information about each
    of us is stored in various computers. Personal
    data can be used in identity theft or fraud. An
    imposter may create fake financial accounts and
    run up huge debts, or may simply appropriate
    someone else's finances.

9
Define the Problem
  • HIPAA Compliance
  • The U.S. Health Insurance Portability and
    Accountability Act (HIPAA) is not specifically an
    Internet privacy law, but it does address the
    sharing of health-related information and
    therefore could affect many online businesses.
    Although HIPAA has become effective, the rules
    are controversial and compliance with these rules
    are burdensome and complicated.

10
Define the Problem
  • One of the most challenging problems in managing
    large networked systems is the complexity of
    security administration.
  • Security administration is costly and prone to
    error because administrators usually specify
    access control lists for each user on the system
    individually.

11
Define Role-Based Security
  • Role-based security is a technology that is
    attracting increasing attention, particularly for
    commercial applications, because of its potential
    for reducing the complexity and cost of security
    administration in large networked applications.

12
Define Role-Based Security
  • With role-based security, permissions are managed
    at a level that corresponds closely to the
    organization's structure.
  • Each user is assigned one or more roles, and each
    role is assigned one or more sets of access
    privileges that are permitted to users in that
    role.

13
Define Role-Based Security
  • Role-based security administration consists of
    determining the operations that must be executed
    by persons in particular jobs, and assigning
    employees to the proper roles.
  • Role-based security makes security administration
    far easier and less prone to holes in the
    access rights of individuals.

14
How does this solution work
  • In terms of role-based security, access is the
    ability to do something (e.g. use, change, or
    view) a computer resource. Role-based security
    can prescribe not only who or what process may
    have access to a specific system resource, but
    also the type of access that is permitted.

15
How does this solution work
  • With role-based access control, access decisions
    are based on the roles that individual users have
    as part of an organization. Users take on
    assigned roles, such as doctor, nurse, teller,
    manager.

16
How does this solution work
  • One of the keys to accomplishing Role-Based
    Security was breaking each field in the data
    warehouse and not viewing information in terms of
    reports.

17
How does this solution work
18
How does this solution work
19
Conclusion
  • The process of defining roles should be based on
    a thorough analysis of how an organization
    operates. It should include input from a wide
    spectrum of users in an organization, including
    HR.

20
Conclusion
  • The use of roles to control access can be an
    effective means for developing and enforcing
    enterprise-specific security policies and for
    streamlining the security management process.

21
Albert Torres Director of IT and RD albert_at_payp
lusbenefits.com www.payplussolutions.com 1110
North Center Parkway Suite B Kennewick, WA 99336
Phone (509) 735-1143
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "RoleBased Security Solutions" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!