Identity & Role Management

At present, every enterprise utilizes dozens of information systems which are accessible for employees, who often log into these systems several times a day. This is why management of the access rights of hundreds of employees and dozens of information systems is becoming more and more complex and difficult to control. This results in a loss of effectiveness, errors and even serious security problems, where confidential data is accessible for users who should not be able to access it. Avoid these problems and reduce your user and role management costs by using AMI Praha's solutions.

Transparent and easily manageable access rights to all systems

After the deployment of Identity & Role Management, every employee has his login data to all the systems mapped and his so‑called virtual identity assigned. Virtual identity maintains the link between the specific user and all his login data. Roles are assigned to this identity based on work tasks; a role is a set of access rights to and permissions for certain enterprise information systems. This allows granting the access of an employee or an entire group of employees to a new system in a very easy way, or setting automatic actions on the employee's exit – thus nobody and nothing is forgotten. Everything is properly documented and easily traceable for internal as well as external auditors. Auditors can also find information on who approved the assignment of the access or permission!

Scheme of model architecture of Identity Management

Products for Identity & Role Management

Oracle Identity Manager

  • Creation, changes and deletion of user accounts
  • Password administration
  • Self‑service tools for changes in attributes of user accounts and passwords
  • Delegated administration
  • Creation of reports and background data for audits
  • Approval workflow
  • Non-invasive connection to controlled systems

More information about the product can be found on Oracle's website.

ForgeRock OpenIDM

  • Creation, change and deletion of user accounts
  • Role handling, both in openIDM and external systems and role-based access control (RBAC)
  • Flexible resource connection architecture
    * Organizational hierarchy of all objects
  • Access control by means of flexible capabilities
    * Object relation handling
  • Extended auditing
  • Password synchronization
  • Reconciliation
  • Pickup of external changes in near Real Time

More information about the product can be found on ForgeRock's website.

Oracle Role Manager

Oracle Role Manager is a specialized analytical tool which covers the following areas:

  • Definition of new business roles by means of automatic role mining (automated analysis which groups together individual permissions). Thanks to business roles, you can manage hundreds or thousands of permissions in a very effective manner with a close link to the needs of the employees.
  • Auditors’ dashboard with a display of the status of certification rights across the entire organization and all the applications.
  • Management of role during its entire life cycle – this allows a change in the role owner, versioning of the role, role assignment and role deactivation.
  • Creation of a process by means of which role assignment can be periodically re‑certified.
  • Segregation of duties – establishment of exclusive relationships between the roles which cannot be assigned to the same user at the same time. Support of SOX, EU directives or national legislation.
  • Integration with the Identity Management solution.

More information about the product can be found on Oracle's website.

Request form

Fields marked * are required

Přejít na začátek stránky


© Copyright 1998-2011 AMI Praha a.s., powered by AMIGO CMS