To administer and control user authorizations, it is sensible to place
them within a role. The definition of a role in bi-
Cube® solutions is a
combination of authorizations to the user for several sub-systems.
The organizational definition of jobs (or tasks) is the foundation for
the definition of roles. The role’s profile of a user presents the whole
of all roles and their authorizations within.
To display the model of a role, bi-
Cube® differentiates between the
types of roles which serve to structure models, to reference functions
of co-workers, also to display detailed authorization profiles.
role model is very realistic and sophisticated because of project experience,
long years of research and development.
Its flexibility optimizes the layout of process organization of a company.
The attribution of accounts and access authorizations for co-workers in their
company is controlled via the role model.
The immediate benefits of application of role models are:
- Increased security
- Minimizes administration work by defining the role profile
- Decentralize competence allocation to the user
In bi-Cube® a role
model is directly tied to the process management which enables the automatic and
rule based assignment of roles.
Extensive information to bi-
Cube® role models.
Process management in bi-Cube®
With the integrated process management, changes of identity data of co-workers
are done automatically and business processes are optimized.
Every co-worker supposed to promptly receive their appointed authorizations so
that they can immediately begin with their job. Automatic application procedures
(for example: entry or exit of an employee), activate a process of diverse workflows.
So, basic role authorizations will be assigned to new employees in reference to their
job assignment or their function within the company.
To process applications, an adequate designed web application is available.
Before authorisation is assigned the application goes through check ups, in relation
on objective and technical correctness.
Find out more on process management in in
Self organizing provisioning (role mining)
On the base of a development within our research team we succeeded to produce
a tool which can seriously shorten the definition of a role model.
Unlike or in addition to the customary Top-Down definition of role models, we
refine role examples on the basis of resemblance measures, with an analysis
tool of available authorizations. This simplifies the creation of role models
and therefore shortens the time needed, up to 80%. bi-
Cube® process models are the basis of
SoP-procedure and the automation of IT-administration.
Find out more with self organized provisioning with
Generic Process Models (GPM)
The implementation of IPM-solutions compels to revise many administrative
and functional business processes. Before these processes can be conducted
and supported by systems, they have to be defined and aligned within the
company. Out of experience this step causes by far the most expenditure of time.
Defined process models for IPM principally always indicate the same business
procedure. To drastically shorten the work of IT-administration, they have
to concurrently comply with requirement of orderly safety. The IPM-solutions
are also of great importance in the ranking of operative safety within the
firm according to SOX, Basel II, KontraG etc.
Miscellaneous business processes are available in the bi-
Cube® IPM-solutions in accordance to established
standards which were selected by expert teams of user, manufacturer and analysts in
the centre of excellence of Identity Management NIFIS-organization and also by the
Institut für System-Management (iSM).
As a Member of the centre of excellence the iSM was mainly participated in the
definition because of its numerous project experiences.
Find out more about Generic Process Models in