Redefining Access Governance

  •  TYPE: Track    START DATE: Thursday, May 07, 2015     START TIME: 14:30    LOCATION:  AMMERSEE I
Parent Track


Access Governance and its requirements are currently changing just as much as Identity and Access Management are. With the availability of newly designed, complementary technologies for the collection and analysis of real time access data as well as real time data analytics, current Access Governance and Access Intelligence architectures offer the opportunity of being transformed into a strategic component for corporate governance and proactive security management on top of a well-established existing Identity and Access Management system which includes the associated identity provisioning tools.

To redefine Access Governance it is required to first take a step back, to identify strengths and weaknesses of current Access Governance solutions and reconsider the underlying concepts. 

Understanding the upcoming challenges for Identity and Access Management, and thus for Access Governance as well, forms the second part. These challenges for Access Governance include the need to embrace the extended enterprise, the context of Dynamic Authorization Management, and the extension of Access Management towards Entitlement Access Governance. 

Third and finally, Access Analytics and Access Intelligence supplement Access Governance by additionally accessing both real time and historic activity data to enable automated and ad-hoc evaluation of policy-based rules and pattern-based activity monitoring.

The resulting approaches and suggestions range from slight amendments to the process design and implementation (e.g. dynamic recertification schedules) over role attribute changes (by adding access risk information to entitlements) to extending existing architectures by adding powerful real time Access Analytics and Access Intelligence functionalities and bridging the gaps to interact with traditional GRC infrastructures and Real Time Security Intelligence.


Adaptive Policy-Based Access Management: Beyond ABAC and RBAC

Date: Thursday, May 07, 2015 Time: 14:30-15:30

Adaptive Policy-Based Access Management: Beyond ABAC and RBAC
Martin Kuppinger, KuppingerCole

Over the past several years, there have been a lot of discussions around terms such as RBAC (Role Based Access Control), ABAC (Attribute Based Access Control), Dynamic Authorization Management (DAM) and standards such as XACML. Other terms such as RiskBAC (Risk Based Access Control) have been introduced more recently. In particular, a frequent discussion has been going on between RBAC and ABAC enthusiasts, as to whether attributes should or must replace roles. However, most RBAC...

The Future of Authorization
Martin Kuppinger, KuppingerCole • Darran Rolls, KuppingerCole / Cloud 10 • Gerry Gebel, Strata Identity, Inc • Markus Weber, ForgeRock • Frank Wittlich, Talanx Systeme AG

In this panel, the participants will look at where authorization is today and where it should be in an ideal world. They will discuss the trends and evolution in that area, such as the growing relevance of OpenAZ. They will discuss whether there are gaps in standards and technology that must be addressed. They will discuss how to solve the challenge, that the vast majority of applications is not ready for APAM (Adaptive Policy-Based Access Management). They will provide hints on how to solve...

IAM/IAG @ Continental AG: Clearing Process as a Basis for Identity Management

Date: Thursday, May 07, 2015 Time: 15:30-16:30

IAM/IAG @ Continental AG: Clearing Process as a Basis for Identity Management
Theodor Heindl, Continental Corporate Infrastructure

The history of Continental consists of many mergers and aquisitions which lead to a very heterogeneous environment concerning accounts and account processes. Continental designed a special clearing process to securely map the HR data and account data of each employee and create the digital identity. As a next step the identity lifecycle processes will be defined and implemented.

Identity Relationship and Access Management and Dynamic Authorisation Management as a Driver for New Business Opportunities
Laura L├Ątti, DNA Finland

If you can externalise authorisation management away from the application you will simplify online application development considerably. If you can externalise authorisation and identity management to your customer you can achieve considerable cost savings through self-service functions. If you put your customer in control of their identity data, and link your Identity Relationship and Access Management (IRAM) solution to your CRM, you can automate registration processes and invite customers...

Access Intelligence, User Activity Monitoring, Recertification: What do we Really Need?

Date: Thursday, May 07, 2015 Time: 17:00-18:00

Access Intelligence, User Activity Monitoring, Recertification: What do we Really Need?
Rainer Knorpp, KuppingerCole • Dr. Michael B. Jones, Microsoft • Ramses Gallego, Dell • Thierry Winter, Evidian

Improve your level of compliance, gain up-to-date insight and reduce recertification workload. Add business risk scoring to your Access Governance Architecture, focus attention on high-risk access and extend your existing infrastructure to provide real-time access risk information. Re-think your existing Access Governance processes and understand upcoming IAM challenges and their impact on your infrastructure.  This panel will discuss which approaches on redefining and extending...


European Identity & Cloud Conference 2015

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 05 - 08, 2015 Munich, Germany