An authorization request had to be implemented separately for each system by various system administrators. This process took a long time, was error-prone and lead to non-productive times.
The centralized and standardized authorization system ORG was the ideal solution for a large insurance company. Access and user rights will now be provisioned automatically to the individual business applications. The central database provides an overview of past, current and future privileges across all platforms at any time. Changes to permissions because of organizational reasons, fluctuation etc. are provisioned by pressing a button.
Auditors and accountants are happy about the centralized, enterprise-wide, current, historicized and valid credentials.
The authorization check runs role based (RBAC) as well as attribute based (ABAC).
The homegrown access control system could not be extended to fine grained access management. The necessary fuctional extensions to the Novell IDM would have been substantial and expensive.
Novell IDM was set as the main system for identity and role assignment. ORG was responsible for the fine grained authorization checks. Novell IDM and ORG were connected via SPML interface. The application development department now uses ORG as an EAM system (Externalized Authorization Management). They now can define complex rule sets in order to enable fine-grained access management.
This simplifies the application development and guarantees a consistent authorization model for all business applications.