Big Think

Our products and services are drawn from a deep well of Big Think. Granted, reading our book will not provide you with instructions on how to move your core business systems to the Cloud securely and to scale without disrupting business, or show you the details of the structure of your Role Mining and Governance, nor the intricacies of designing your Enterprise Data. Nonetheless, we guarantee you that the book will help you think about these core functions clearly, and more, and make you a better IT Professional and Practitioner in your field.

Buy it Now ($29.99 + Free Shipping). Paypal & all major (and minor) credits cards accepted.

Author’s Note 2nd Edition

In the second edition, we have added a new chapter on modeling of Access Reviews and Certification. When we started working on the Access and Review Certification models following the background that was already laid in the first edition, it was not clear at the outset that a Systems Engineering formulation could be found. It was therefore remarkable to find out that a very solid model was accessible. We invite new and old readers to take a look at the new Chapter 4.

Author’s Note Original Edition

The book is a powerful, novel approach to the analysis and synthesis of IAM systems. It is motivated by the realization that the current practice of Information Systems in general, and Identity and Access Management in particular, is increasingly divorced from its Systems Engineering underpinnings. Even for the most innovative and resourceful practitioners, the architecture, design, implementation and support of enterprise Information Technology systems has taken a complex inferential approach, driven by algorithmic and rule based protocols and standards. This work creates a solid foundation for IAM by using established concepts from Systems Engineering, using systems representations for major IAM processes like authentication and authorization. Such systems formulations may then be used to analyze IAM systems in complicated organizations using established Systems Engineering methods. For example, the book shows that problems in IAM such as risk propagation and authentication processes that were heretofore analyzed in terms of prescriptive, algorithmic or empirical schemes, are indeed amenable to general theoretical treatment. The book is specifically designed to be accessible to the general IT practitioner. It is with this goal in mind that it teases out the concepts in a way that anyone with some college education will be able to understand.