An agent-based framework for identity management: The unsuspected relation with ISO/IEC 15504

Abstract

The generalization of open and distributed systems and the dynamics of the environment make Information Systems (IS) and, consequently, its access rights management an increasingly complex problem. Even if support for this activity appears to be well handed by current sophisticated solutions, the definition and the exploitation of an access rights management framework appropriately adapted for a company remain challenging. This statement is explained mainly by the continuous growth of the diversity of stakeholderspsila positions and by the criticality of the resources to protect. The SIM project, which stands for ldquoSecure Identity Managementrdquo, addresses this problem. The objectives of our paper are twofold. First, to make rights management align closer to business objectives by providing an innovative approach that focuses on business goals for defining access policy. The ISO/IEC 15504 process-based assessment model has been preferred for that research. Indeed, the structured framework that it offers for the description of activities allows for the establishment of meaningful links with responsibilities concepts. Secondly, to automate the deployment of policies through the company IT infrastructurepsilas components and devices by defining a multi-agent system architecture that provides autonomy and adaptability. Free and open source components have been used for the prototyping phase.