A Guide For Requirement Specification Of Identity And Access Management In Health Care
Virkkunen, Sanna (2014)
Virkkunen, Sanna
Oulun ammattikorkeakoulu
2014
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-201402052028
https://urn.fi/URN:NBN:fi:amk-201402052028
Tiivistelmä
The object of this Master’s thesis was to describe the basic functionalities provided by identity and access management system (IAM) and their suitability for a health care environment. Specifying and defining the IAM project began in the Northern Ostrobothnia Hospital District in 2007. The preliminary work for enabling identity and access management automation has been done ever since. Most of the requirement specification work was done during the autumn 2013 for the IAM SSO project in the Northern Ostrobothnia Hospital District.
The work consisted of studying various aspects of identity and access management and also analyzing the current state and describing the target state. The studying process consisted of understanding and describing authoritative requirements of IAM in health care, discovering the special features of IAM in Finnish health care and defining the basic IAM use cases in health care.
The result of the study was that identity and access management processes should be guided with strict working period or service period information. They are the master data for both internal and external users. They can be used to define user rights, access rights and their active and inactive periods. The quality of the master data affects the whole IAM process. Attaching smart cards to AD enables network and domain login but also managing complicated multi-role identities.
IAM is a never-ending process. After critical and key systems have been integrated to an IAM system, there will always be yet another integration to be built. New information systems will be deployed and they need to be integrated to the IAM system. The legislation changes all the time, and the organization structures will also change from time to time. All these affect IAM processes and the functionalities of the IAM system. A properly maintained IAM system will help dealing with the changes.
The work consisted of studying various aspects of identity and access management and also analyzing the current state and describing the target state. The studying process consisted of understanding and describing authoritative requirements of IAM in health care, discovering the special features of IAM in Finnish health care and defining the basic IAM use cases in health care.
The result of the study was that identity and access management processes should be guided with strict working period or service period information. They are the master data for both internal and external users. They can be used to define user rights, access rights and their active and inactive periods. The quality of the master data affects the whole IAM process. Attaching smart cards to AD enables network and domain login but also managing complicated multi-role identities.
IAM is a never-ending process. After critical and key systems have been integrated to an IAM system, there will always be yet another integration to be built. New information systems will be deployed and they need to be integrated to the IAM system. The legislation changes all the time, and the organization structures will also change from time to time. All these affect IAM processes and the functionalities of the IAM system. A properly maintained IAM system will help dealing with the changes.