Role Engineering for Enterprise Security Management

Book Preface

Role engineering secures information systems. It ensures that every user has the right permission to access just the right information, computers, and networks. When hundred or thousands of computer users must be assigned their own individual access permission, role engineering saves significant time and money while protecting data and systems. This first-of-its-kind book illustrates the entire role engineering process, from project planning to deployment and verification. In addition to explaining technical aspects, the book emphasizes business benefits by showing how to manage risks and costs. Practitioners get proven techniques that define roles and ensure proper assignment of permissions and roles to users. The book also shows how to verify that roles comply with security policies.