Information System Problem
In identity and access management an identity can request access to an information asset. This apparently simple premise immediately leads to staggering complexity.
i. If you own the asset then access can be granted and managed directly.
ii. If you own the asset, but none of its access paths, you must negotiate a protocol with path owners, if you are to provide access.
iii. Any (contractual) entitlement to access introduces entitlement and contract management.
Following this approach we have identified.
How many classes of access management could be discerned in a formal manner? Does anybody know of such an approach?
The response should include a reference list. Double-space, using Times New Roman 12 pnt font, one-inch margins, and APA style of writing and citations.