03-06-2008 1:56 AM
How are the roles seggregated into multiple roles?
HOW DOES D E S I G N take place?
Is there any tool involved or Is there any specific D E S I G N method to do the same?
03-06-2008 3:41 AM
Hi,
These days Security design is a complex work.
Few tips -
-> Many company s are following Business role based Security.
-> interact with your functional teams and segregate Business roles and their activity.
-> Design the Security policies.
-> Design Role naming convention.
-> Prepare Authorization matrix.
-> Create roles
-> Create authorization Test environments
-> Mapp with user accounts.
Please let me know if you want more details.
03-06-2008 4:00 AM
Thankyou Praveenkumar,
Can anybody please tell me how secuirty would be implemented from the scratch?
How the process of gathering requirement from users and using it(requirements) to create the roles goes on?
How Authorization matrix is created and finalised?
Are there any tools involved?
If possible ,please guide me with case studies ,if any.
Thankyou.
03-06-2008 4:17 AM
I have used xls/ spread sheets to design security matrix.
-> Design the security policies
-> Interact with your functional teams and finalize the business roles/ positions in the organization.
-> Then finalize the activity/transactions for each business role/position.
-> prepare the matrix.
-> finalize the feild level activity and org. values.
03-06-2008 2:38 PM
And most important of all: it is the task of the functional consultants to describe the processes up to TRX level including restrictions from a functional point of view.
THAT MUST be the starting point of the security implementation, if it is not there I simply tell them I cannot start!
Beware that process design is NOT the task of the security team. Translating a functional design in a technically security design is our TASK
,
04-19-2008 2:38 PM
Hi Praveen
I am also new to security Implementation,
If you could share a template of the same which you had implemented in any of your previous projects it would be great help to me.
Many Thanks.