Information system of Friedrich-Alexander-University Erlangen-Nuremberg © Config eG 
FAU Logo
  Collection/class schedule    module collection Home  |  Legal Matters  |  Contact  |  Help    
search:      semester:   
 Lectures   Staff/
   Publications   Internat.
printable version

Departments >> Faculty of Engineering >> Department of Computer Science >> Chair of Computer Science 6 (Data Management) >>
Analysis of Federated Access Control Systems

"Identity and Access Management" (IAM) aims to manage logins and personal information needed to access applications, resources and IT-systems within an organisation. Comprehensive IAM is divided into the following parts, among others: Access control, provisioning, synchronizing, entitlement and password management, federation, auditing, and compliance. The Identity Management Systems (IdMS) in use put a different focus on the parts mentioned above. They reduce administrative effort and increase security. Regarding entitlement management, a complete and system-wide view of people's entitlements is made difficult by the different access control mechanisms. The constraints are hard to recognize and break down.

Project AnFACS's goal is to develop a system that displays dependencies both between the systems and in interaction with the IdMS in a standard way. To achieve this, existing access control systems are analysed and mapped with a uniform language, e.g. eXtensible Access Control Markup Language (XACML). Using the available IdMS connection, this creates a composed comprehensive picture of the current entitlement situation. An analysis is then used to show inconsistencies and conflicts between the intended entitlements and the actual situation.

Project manager:
Prof. i. R. Dr. Klaus Meyer-Wegener, Dipl.-Inf. Frank Tröger

Project participants:
Dipl.-Inf. Florian Klemenz

Identity and Access Management (IAM); Access Control; Entitlement Management; Federation

Duration: 1.2.2007 - 30.9.2012

Tröger, Frank
UnivIS is a product of Config eG, Buckenhof