Delegating approval on IBM Security Identity Manager

Write a workflow that lets approvers delegate approvals and ask for justifications

Learn how to write a customizable workflow that lets approvers delegate approvals and ask for justifications.

developerWorks security editors, Staff, IBM

Security icon imageThis article is brought to you by the editors of the developerWorks Security site.



28 October 2013

IBM expert Ori Pomerantz has been securing computer networks (and showing others how to do it too) since 1995. Pomerantz joined IBM in 2003 and since then, he has written classes on several IBM security products, including IBM Security zSecure™. He is also a co-author of the IBM Press publication Mainframe Basics for Security Professionals: Getting Started with RACF, 2007. In this white paper, "IBM Tivoli Identity Manager 5.1: Delegating Approval," Pomerantz explains how to write a customizable workflow that lets approvers delegate approvals and ask for justifications to use in IBM Security Identity Manager.

See Downloads for the full white paper. The following sections outline what you will learn from the white paper.

The steps you'll learn

In the white paper, Pomerantz covers the following instructions:

  • As part of the design phase, how to delegate a decision that requires approval or rejection (for example, whether a service owner should clear or reject provisioning requests). This includes the requirements for the workflow and the approach for creating the workflow (adding a request for information node (RFI) to the limited boolean decision node (accept or reject).
  • Exploring the data structure of an RFI node. How to repurpose existing attributes of the other entity types to define RFI node fields (Decision, Approver, Justification).
  • Writing the actual workflow by adding relevant data variables, constructing or importing an RFI node, testing the RFI node, adding an approval node for a select delegate, adding manager approval, and asking for and displaying account justification.

Pomerantz also takes you on a short tour of how to move from prototype to production.


Download

DescriptionNameSize
White paperdelegate_approval.pdf882KB

Resources

Learn

  • Explore the topics and technologies in this article:
    • IBM Security Identity Manager helps organizations comply with regulations, manage risks and implement identity governance. It automates the creation, modification, recertification and termination of user privileges throughout the user lifecycle.
  • Explore the IBM Security Framework for cutting-edge knowledge on IT security issues.
  • Start your journey to implement IT security through pragmatic, intelligent, and risk-based practices at Security on developerWorks.
  • Follow developerWorks on Twitter.
  • Watch developerWorks on-demand demos ranging from product installation and setup demos for beginners, to advanced functionality for experienced developers.

Get products and technologies

Discuss

  • Get involved in the developerWorks Community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.

Comments

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

Dig deeper into Security on developerWorks


  • Bluemix Developers Community

    Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.

  • Security

    Pragmatic, intelligent, risk-based IT Security practices.

  • DevOps Services

    Software development in the cloud. Register today to create a project.

  • IBM evaluation software

    Evaluate IBM software and solutions, and transform challenges into opportunities.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Security
ArticleID=949812
ArticleTitle=Delegating approval on IBM Security Identity Manager
publish-date=10282013