Security model characteristics
An organization defines a security model to meet its business needs. The model serves as a basis to define the requirements and actual implementation of a security system.
Some characteristic objectives of a security model include.
- Verifying the identity of users, provided by authentication systems that include password strength and other factors.
- Enabling authorized users to access resources, provided by authorization systems that define request or role-based processes, and related provisioning. Resources, for example, include accounts, services, user information, and IBM Security Identity Manager functions.
A security model also requires additional provisioning processes to select the resources users are permitted to access.
- Administering which operations and permissions are granted for accounts and users.
- Delegate a user's list of activities to other users, on a request or assignment basis.
- Protecting sensitive information, such as user lists or account attributes.
- Ensuring the integrity of communications and data.
Parent topic: System security overview