|
Identity Analytics Project
[back to
projects page]
The Identity Analytics project is part of the
Security Analytics project, at HP Labs, System Security Lab.
In our view, “Identity Analytics” consists of a set of approaches,
techniques and methodologies to explain and predict
the impact of identity, identity management and people’s behaviours
on aspects of relevance to decision makers (e.g. CIOs/CISOs), such
as on security exposure/risks, (financial) costs, compliance, trust,
reputation, effect on productivity and business (e.g. on business
alignment and agility) etc., in well defined context and scenarios -
based on initial assumptions and investment decisions.
In this context, “Identity Analytics”
aims at providing decision makers with decision support tools and
services (based on modelling, simulation and analysis techniques)
describing the “levers” (e.g. acting on identity management
technologies, automation & centralisation, education, other security
investments, policies, etc.) they can act on and the consequences of
their decisions (what-if analysis) along with exploring potential
trade-offs (e.g. investing on identity automation vs. security
patching and intrusion detection). The following picture shows the
main aspects and factors involved in Identity Analytics:
The focus is at the business level,
targeting key decision makers, such as CIOs/CISOs. Identity
management is likely to be an area where even the experts have
little intuition as to how to invest for the best (security)
outcomes. The complexity and tight relationship with business and
compliance mean it will remain high priority for CIOs and CISOs. As
such it is likely to be a high profile and rich problem area for
Identity Analytics.
There are many research opportunities
and challenges in this space: we believe that a scientific approach
is required, involving the usage of modelling and simulation
techniques, coupled with the understanding of involved technologies
and processes, human behaviours and economic aspects.
For more information and an overview of
this project, have a look at the following HP Labs Technical Report:
-
HPL-2008-188
Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu,
Yolanta Beres - Identity Analytics: Using Modeling and
Simulation to Improve Data Security Decision Making-
HPL-2008-188, 2008
-
HPL-2008-186
Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu
- Towards Identity Analytics in Enterprises - HPL-2008-186, 2008
-
HPL-2008-84 Marco Casassa Mont, Adrian Baldwin, Simon Shiu -
On Identity Analytics: Setting the Context, 2008
|
printable version
