Access Control In Organisations

ACIO LOGO
Project Key Information

Project Status: Finished

Start Date: July 2013

End Date: December 2015

Budget (total): 2806 K€

Effort: 39.16 PY

Project-ID: C2013/1-1

Project Coordinator

Name: Mikel Uriarte Itzazelaia

Company: Nextel

Country: Spain

E-mail: muriarte(Replace this parenthesis with the @ sign)nextel.es

Project Consortium

Nextel S.A., Spain

Infoport Valencia S.A., Spain

Innovalia Association, Spain

Ángel Iglesias, S.A. (IKUSI), Spain

FST 21 LTD, Israel

Abstract

Organizations today struggle with access control challenges as their operational framework is in turmoil due to the impacts of megatrends and new requirements on the business, such as: offshoring; cloud-sourcing (inbound); heterogeneous cloud-based service provisioning (outbound); increased massive increase of mobility in core processes and core use-cases; BYOD; risk governance and audit. Not having a solid solution to these challenges imposes large direct costs through multiple and varying point-solutions in the organisation; or implicit costs as competitors do better and win in the competition due to qualitative reasons; or do it more cost-efficiently and win due to cost-price reasons.

The critical bottlenecks that hamper the development of efficient corporate policies are:

  • Lack of efficient mobility support
  • Lack of efficient mobility support
  • Lack of support of contextual approaches
  • Lack of policy mechanisms for cloud-sourcing and BYOD
  • Lack of solutions that are acceptable both from the end-user experience and optimal for operational business perspectives

ACIO will deliver enhanced physical/logical access control models and solutions which will remove these bottlenecks.
The project will enhance access control in organisations by combining access control mechanisms, role management, and capability management in a new way. The project views the access control services from a usability and security perspective, providing comparative information on different mechanisms that helps to improve the fluency, monitoring and efficiency of work and assures the real-time authorisation of individuals to specific tasks within an organisation while maintaining the required level of information security. The project develops services and mechanisms for access control that make use of internal organisation data as well as location and other attribute information.

Current and earlier approaches, such as MAC, ABAC, RBAC, SBAC or EBAM are not suitable for most of the companies and organisations, where huge investments in Access Control cannot be afforded and the heterogeneity of their current operational environment imposes a more advanced security Access Control.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.