Dataset Identification:
Resource Abstract:
- description: <p>User provisioning is the process of associating a digital identity with one or more resource access
accounts, which may serve as records for user data and permissions. This may include the creation, modification, deletion,
suspension, or restoration of such accounts and also synchronizing user data. Managing user accounts locally creates redundancy
in collecting and managing user information. This may lead to inaccuracies and inconsistencies with user data that is stored
in authoritative sources, and this may also create security vulnerabilities by maintaining accounts for terminated users.
By leveraging Provisioning, VA applications are able to centrally manage user information, attributes, roles, and accounts
using data from authoritative identity sources. Once a manually intensive and disjointed process, VAs Provisioning (Prov)
service leverages automated and centralized workflows to enhance security and bolster efficiency. As a result, application
administrators, who previously had to manually manage user administration, now have services available to automate the process.
Provisioning assigns the Security Identifier (SecID) as a unique user identifier for integrated applications to use for user
authorization and audit. SecID is a unique ID assigned to a user when they are added to the Provisioning system via an on-boarding
event. SecID, once assigned, remains the same even if the user status with VA changes over time (i.e., a Veteran becomes a
contractor and then later becomes an employee). SecID is the identifier used to correlate Provisioning records to MVIs integration
control number (ICN), which is the unique person identifier. Provisioning automates the on-boarding and off-boarding flows.
Applications leveraging Provisioning gain an added benefit of automated account removal (deprovisioning) during off-boarding.
The following table lists the detailed functions offered by the Provisioning service. Additionally, the Provisioning service
includes a Role Engineering and Compliance Tool (RECT) that can help applications: Conduct Role Analysis: Provides the ability
to analyze current roles and permissions to rapidly build and deploy an enterprise role model Certify User Roles: Provides
the ability to have access privileges reviewed and managed by designated reviewers</p>; abstract: <p>User provisioning
is the process of associating a digital identity with one or more resource access accounts, which may serve as records for
user data and permissions. This may include the creation, modification, deletion, suspension, or restoration of such accounts
and also synchronizing user data. Managing user accounts locally creates redundancy in collecting and managing user information.
This may lead to inaccuracies and inconsistencies with user data that is stored in authoritative sources, and this may also
create security vulnerabilities by maintaining accounts for terminated users. By leveraging Provisioning, VA applications
are able to centrally manage user information, attributes, roles, and accounts using data from authoritative identity sources.
Once a manually intensive and disjointed process, VAs Provisioning (Prov) service leverages automated and centralized workflows
to enhance security and bolster efficiency. As a result, application administrators, who previously had to manually manage
user administration, now have services available to automate the process. Provisioning assigns the Security Identifier (SecID)
as a unique user identifier for integrated applications to use for user authorization and audit. SecID is a unique ID assigned
to a user when they are added to the Provisioning system via an on-boarding event. SecID, once assigned, remains the same
even if the user status with VA changes over time (i.e., a Veteran becomes a contractor and then later becomes an employee).
SecID is the identifier used to correlate Provisioning records to MVIs integration control number (ICN), which is the unique
person identifier. Provisioning automates the on-boarding and off-boarding flows. Applications leveraging Provisioning gain
an added benefit of automated account removal (deprovisioning) during off-boarding. The following table lists the detailed
functions offered by the Provisioning service. Additionally, the Provisioning service includes a Role Engineering and Compliance
Tool (RECT) that can help applications: Conduct Role Analysis: Provides the ability to analyze current roles and permissions
to rapidly build and deploy an enterprise role model Certify User Roles: Provides the ability to have access privileges reviewed
and managed by designated reviewers</p>
Citation
- Title Provisioning (Prov).
-
- creation Date
2018-04-11T02:11:44.742374
Resource language:
Processing environment:
Back to top:
Metadata data stamp:
2018-08-06T20:59:47Z
Resource Maintenance Information
- maintenance or update frequency:
- notes: This metadata record was generated by an xslt transformation from a dc metadata record; Transform by Stephen M. Richard, based
on a transform by Damian Ulbricht. Run on 2018-08-06T20:59:47Z
Metadata contact
-
pointOfContact
- organisation Name
CINERGI Metadata catalog
-
- Contact information
-
-
- Address
-
- electronic Mail Address cinergi@sdsc.edu
Metadata language
eng
Metadata character set encoding:
utf8
Metadata standard for this record:
ISO 19139 Geographic Information - Metadata - Implementation Specification
standard version:
2007
Metadata record identifier:
urn:dciso:metadataabout:eea2c8f3-1536-4dde-84fe-c34534568f30
Metadata record format is ISO19139 XML (MD_Metadata)