Integrated identity and access management metamodel and pattern system for secure enterprise architecture

Identity and access management (IAM) is one of the key components of the secure enterprise architecture for protecting the digital assets of the information systems. The challenge is: How to model an integrated IAM for a secure enterprise architecture to protect digital assets? This research aims to address this question and develops an ontology based integrated IAM metamodel for the secure digital enterprise architecture (EA). Business domain and technology agnostic characteristics of the developed IAM metamodel will allow it to develop IAM models for different types of information systems. Well-known design science research (DSR) methodology was adopted to conduct this research. The developed IAM metamodel is evaluated by using the demonstration method. Furthermore, as a part of the evaluation, a pattern system has been developed, consisting of eight IAM patterns. Each pattern offers a solution to a specific IAM related problem. The outcome of this research indicates that enterprise, IAM and information systems architects and academic researchers can use the proposed IAM metamodel and the pattern system to design and implement situation-specific IAM models within the overall context of a secure EA for information systems.