Abstract
Organisations usually have identified valid business requirements to share information and resources with other organisations. To achieve this sharing of information the organisations have to enter into some form of federation which can, and usually does, dramatically change their risk posture. Organisations develop and implement an Information Security Management System as part of good business management or to meet regulatory and certification requirements. This paper examines the implications of an organisation joining a federation and using Identity based Management as part of its normal operations. It investigates the requirements that must be met internally, and externally, in order for an organisation to attempt to create a federation with external organisations. It then proposes a framework for using Identity based Management within a federation.
Original language | English |
---|---|
Title of host publication | Oceania CACS |
Subtitle of host publication | Practical IT Governance in a Connected World |
Place of Publication | USA/Australia |
Publisher | ISACA |
Publication status | Published - 2007 |
Event | ISACA Oceania Computer Audit Control and Security Conference - Auckland NZ, New Zealand Duration: 09 Sept 2007 → 12 Sept 2007 |
Conference
Conference | ISACA Oceania Computer Audit Control and Security Conference |
---|---|
Country/Territory | New Zealand |
Period | 09/09/07 → 12/09/07 |