Hot Topic - Role and Rule-based Provisioning

To manage the life-cycles of digital identities and their resources efficiently across many platforms, the introduction of an administrative abstraction layer makes sense.
Roles have turned out to be a very useful approach to cross-platform administration. Complemented by automatically executed administrative rules, role concepts can be kept concise and administration can be automated to a great extent.
SAM Jupiter offers broad functional support for roles and rules, and is the market leader in role and rule-based security management.
When setting up role concepts, SAM Role Modeler offers valuable assistance.

Why Roles?
“Roles provide the leverage to administer large user populations and their access to resources by mapping collections of permissions to roles, and then assigning the appropriate role or roles to users. This aggregation function eliminates the need to map each user to each resource, an exponentially difficult task”, says Gerry Gebel of Burton Group.
While roles are not strictly required for proper administration, growing interest shows that the industry is adopting the concept of roles on a larger scale and sees their benefits:

  • Roles make administration more efficient
  • Roles make the administrative model much more transparent
  • Roles can represent business processes and/or organisational structures, so that business-level administration replaces technical-level user and resource management.

  • Security policies can be defined within roles, and the user-related security settings on the different platforms can be checked against the role definitions

Standardisation efforts like the OASIS-driven eXtensible Access Control Markup Language (XACML) include roles in their concepts.

Using rules and roles as an integrated concept
To complement roles, administrative rules are the ideal means to

  • Make roles dynamic and therefore reduce the number of roles
  • Automatically invoke further enterprise-level and target-system-specific settings after single administrative actions.

SAM Jupiter is the leader in role and rule-based Security Management
SAM Jupiter complies with an advanced level of the recently finalized ANSI standard for role-based access control (RBAC), supporting general role hierarchies and static separation of duties. SAM Jupiter’s dynamic role features, and the possibilities for defining administrative rules, make it the most advanced security management solution.