supporting technologies. It classifies users based on their position in an organization, and supporting attributes that describe users. It defines roles as collections of pre-defined kinds of access to information systems and other I.T. infrastructure. Policies are designed to automatically attach users to roles based on their dynamic classification. This document illustrates why policy-based provisioning, though appealing in theory, is impractical to implement in enterprise-sized organizations. It then describes alternate solutions that \emph{can} be successfully deployed in such organizations.
Please register
Access to this document requires registration. Please fill in the form below. The full document will be emailed to you automatically.