Technical Reports
HPL-2008-186
Towards Identity Analytics in Enterprises
Casassa Mont, Marco; Baldwin, Adrian; Griffin, Jonathan; Shiu, Simon
HP Laboratories
HPL-2008-186
Keyword(s): Identity Analytics, Identity Management, Security, Security Analytics, Modelling, Simulation, Economics, Trade-offs, Policies
Abstract: This paper aims at setting the context for "Identity Analytics" within enterprises. In our vision, Identity Analytics is about helping decision makers (e.g. CIOs, CISOs) to explain and predict the impact of identity and identity management (along with other related aspects, such as users' behaviours) on key factors of relevance to them (e.g. costs, risk exposure, reputation, trust, etc.) - based on their initial assumptions and investment decisions, in complex enterprise scenarios. Decision makers are increasingly asked to justify their decisions and provide evidence about returns of IT and security investments. Our goal is to provide them with rigorous techniques to gain a better understanding of the involved threats & risks and investment trade-offs within the identity space (e.g. investing in technologies vs. changing processes vs. investing in users' education). This means providing "decision support" and "what-if analysis" capabilities to explore options, formulate new policies and/or justify existing ones. Our vision is introduced and discussed, along with the methodology that we adopted. There are many opportunities and challenges in this space: a scientific approach is required, involving the use of modelling and simulation techniques, coupled with the understanding of involved technologies and processes, human behaviours and economic aspects. As a significant example, we describe a case study focusing on emerging "web 2.0 enterprise collaborative data sharing tools", where unstructured information is created, stored and shared by people in collaborative contexts, within and across organizations. We discuss related threats and risks and demonstrate how trade-offs can be explored using the modelling approach hence allowing decision makers to investigate the different impacts of policy choices.
37 Pages
Additional Publication Information: Submitted to 24th IFIP SEC 2009, 18-20 May2009, Papos, Cyprus
External Posting Date: October 29, 2008 [Fulltext]. Approved for External Publication
Internal Posting Date: October 29, 2008 [Fulltext]