Security model characteristics

An organization defines a security model to meet its business needs. The model serves as a basis to define the requirements and actual implementation of a security system.

Some characteristic objectives of a security model include:

  • Verifying the identity of users, provided by authentication systems that include password strength and other factors.
  • Enabling authorized users to access resources, provided by authorization systems that define request or role-based processes, and related provisioning. Resources, for example, include accounts, services, user information, and IBM Verify Identity Governance functions.

    A security model also requires additional provisioning processes to select the resources that users are permitted to access.

  • Administering which operations and permissions are granted for accounts and users.
  • Delegating a user's list of activities to other users, on a request or assignment basis.
  • Protecting sensitive information, such as user lists or account attributes.
  • Ensuring the integrity of communications and data.