An information technology (IT) service desk functions as a point of contact between end users and an IT organization or service provider. Often, the service desk's goal is to restore service to users and to fulfill their requests as quickly as possible. However, recommended practices suggest that the service desk be given a broader role than that of the traditional Help Desk, a role that spans the processes of incident, problem, change, and asset and configuration management. Organizations looking to adopt this approach using traditional technologies face the realities that these technologies are often not flexible enough to meet their needs, lack integration with the rest of their systems management tools, and do not deliver process optimization to match their efforts in adopting recommended practice approaches. Newer applications and platforms, such as those offered by the Microsoft Operations Framework (MOF), seek to overcome these difficulties.
IT management applications, such as Microsoft System Center solutions, help organizations manage their IT environments, from physical to virtual, across desktops, devices, and datacenters. These applications are designed to provide a single window into IT services to allow proactive planning, deployment, management, and optimization across IT platforms. IT management applications capture and aggregate practical knowledge about infrastructure, policies, processes, and recommended practices so IT professionals can build manageable systems and automate operations to reduce costs, improve application availability, and enhance service delivery.
Because of the differences among the environments in which IT workers use IT management applications, such applications are often built as data-driven systems in which an IT manager defines the object types that have significance to the organization, the attributes of each object type, the relationships between object types, and so forth. For example, a service desk may have objects that represent service incidents, engineers in the service department, service contracts, and so forth. These objects may have relationships such as an "assigned to" relationship between a service incident and the engineer working on resolving the incident.
One objective of computer security is to protect information and property from theft, corruption, or natural disaster while allowing the information and property to remain accessible and productive to their intended users. There are various strategies and techniques used to design secure systems. One technique enforces the principle of least privilege, where an entity has only the privileges needed for its function. That way, even if an attacker gains access to one part of the system, fine-grained security ensures that it remains difficult for the attacker to reach the rest of the system. Other techniques include subsystems that default to secure settings and, wherever possible, are designed to "fail secure" rather than "fail insecure." Ideally, a secure system can be made insecure only by a deliberate, conscious, knowledgeable, and free decision on the part of legitimate authorities. In addition, designers and operators of secure systems often assume that security breaches are inevitable and keep full audit trails of system activity so that the mechanism and extent of a breach can be determined after it occurs.
The state of the art in security authorization solutions today depends on explicitly granting permissions over some objects to a user. One timesaving model allows assigning permissions over groups of objects to groups of users. In some cases, it is not practical to create a group of objects for each user or group of users, because the number of groups would be overwhelming for an administrator to maintain and the calculation of group membership may overwhelm the system. Further, traversing group memberships when determining authorization is more time consuming for the system than evaluating direct access to an object, and it is harder for an administrator to determine whether a given user has access to a given object. Finally, group-based authorization schemes introduce additional complexity when an administrator applies conflicting authorization policies to a given user for a given object. For example, user A is granted write access to objects in Group Z (which contains Object 1) and is denied access to objects in Group Y, which also contains Object 1. System designers often develop complex algorithms to evaluate permissions in such cases. Typically, groups are based either on explicit membership (Group Z contains Object 1) or on dynamic group membership rules that evaluate the properties of objects to determine inclusion (include all objects of Type X where Property A = "foo" in Group Z). In systems where property values change rapidly, rule-based membership may not provide a secure solution in real time: membership is recalculated only periodically, so between recalculations an object whose properties have changed is still treated according to its stale membership, and a user may retain (or be denied) access that the current property values no longer justify.
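As an added example (not code from this page, nor the API of any Microsoft product), the following Python sketch ties together the data-driven object model described earlier (object types, attributes, an "assigned to" relationship) and the group-based authorization problems described above: explicit versus rule-based group membership, conflicting allow/deny grants on the same object, and the stale-membership window that arises when dynamic group membership is only recomputed periodically. All object types, group names, users and property values are constructed sample data. The conflict-resolution rule used here (a deny on any matching group overrides every allow) is one common choice, chosen for illustration; the page does not say which rule a given system applies.

```python
"""Added example: data-driven object model + group-based authorization.

Demonstrates (1) explicit and rule-based (dynamic) object groups,
(2) deny-overrides resolution of conflicting grants, (3) an audit trail,
and (4) the stale-membership problem when dynamic membership is cached
and only recomputed periodically. Illustrative code, not a product API."""

from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple


# --- data-driven object model: types, attributes, relationships ----------
@dataclass
class ObjectType:
    name: str
    attributes: Set[str]


@dataclass
class Obj:
    id: str
    type: ObjectType
    props: Dict[str, object]
    relations: Dict[str, "Obj"] = field(default_factory=dict)  # e.g. "assigned to"

    def set_prop(self, key: str, value: object) -> None:
        # Attributes are defined per type by the administrator; reject unknown ones.
        if key not in self.type.attributes:
            raise KeyError(f"{self.type.name} has no attribute {key!r}")
        self.props[key] = value


# --- groups: explicit membership or a membership rule over properties -----
class Group:
    def __init__(self, name: str, rule: Optional[Callable[[Obj], bool]] = None):
        self.name = name
        self.rule = rule                      # None => explicit-only group
        self.explicit: Set[str] = set()       # explicitly listed object ids
        self._cached: Optional[Set[str]] = None  # last periodic rule evaluation

    def recompute(self, all_objects: Dict[str, Obj]) -> None:
        """The 'periodic' membership calculation the text describes."""
        self._cached = {o.id for o in all_objects.values() if self.rule and self.rule(o)}

    def contains(self, obj: Obj, all_objects: Dict[str, Obj], realtime: bool) -> bool:
        if obj.id in self.explicit:
            return True
        if self.rule is None:
            return False
        if realtime:                          # evaluate the rule on current properties
            return self.rule(obj)
        if self._cached is None:
            self.recompute(all_objects)
        return obj.id in self._cached         # may be stale if properties changed


# --- authorization: (user, group, right) -> allow/deny -------------------
class Authorizer:
    def __init__(self, objects: Dict[str, Obj]):
        self.objects = objects
        self.groups: Dict[str, Group] = {}
        self.grants: List[Tuple[str, str, str, str]] = []  # (user, group, right, effect)
        self.audit: List[Tuple[str, str, str, bool]] = []  # full audit trail of decisions

    def add_group(self, g: Group) -> None:
        self.groups[g.name] = g

    def grant(self, user: str, group: str, right: str, effect: str = "allow") -> None:
        assert effect in ("allow", "deny")
        self.grants.append((user, group, right, effect))

    def check(self, user: str, obj_id: str, right: str, realtime: bool = False) -> bool:
        obj = self.objects[obj_id]
        allowed = False                       # default deny
        for u, gname, r, effect in self.grants:
            if u != user or r != right:
                continue
            if not self.groups[gname].contains(obj, self.objects, realtime):
                continue
            if effect == "deny":              # deny overrides any allow (one possible rule)
                allowed = False
                break
            allowed = True
        self.audit.append((user, obj_id, right, allowed))
        return allowed


def build_scenario() -> Authorizer:
    """Constructed sample data: an incident assigned to an engineer, one explicit
    group (Z) and one dynamic group (Y) that both contain the incident."""
    incident_t = ObjectType("Incident", {"severity", "status"})
    engineer_t = ObjectType("Engineer", {"name"})
    eng1 = Obj("eng1", engineer_t, {"name": "Dana"})
    inc1 = Obj("inc1", incident_t, {"severity": "high", "status": "open"})
    inc1.relations["assigned to"] = eng1      # relationship between object types
    az = Authorizer({eng1.id: eng1, inc1.id: inc1})
    z = Group("Z"); z.explicit.add("inc1")    # explicit membership
    y = Group("Y", rule=lambda o: o.props.get("severity") == "high")  # dynamic rule
    az.add_group(z); az.add_group(y)
    az.grant("alice", "Z", "write", "allow")
    az.grant("alice", "Y", "write", "deny")   # conflicting policy on inc1
    az.grant("bob", "Y", "write", "allow")
    return az


def demo() -> Dict[str, object]:
    az = build_scenario()
    r: Dict[str, object] = {}
    r["alice_conflict"] = az.check("alice", "inc1", "write")      # deny overrides allow
    r["bob_before"] = az.check("bob", "inc1", "write")            # cached rule: member
    az.objects["inc1"].set_prop("severity", "low")               # property changes
    r["bob_stale"] = az.check("bob", "inc1", "write")             # cache not refreshed yet
    r["bob_realtime"] = az.check("bob", "inc1", "write", realtime=True)
    az.groups["Y"].recompute(az.objects)                         # next periodic recalculation
    r["bob_after_recompute"] = az.check("bob", "inc1", "write")
    r["audit_entries"] = len(az.audit)
    return r


if __name__ == "__main__":
    print(demo())
```

The `bob_stale` result is the security-relevant point: between periodic recalculations the cached membership of Group Y still lists the incident, so bob keeps write access after the property that justified it has changed; evaluating the rule on the live object (`realtime=True`) or forcing a recomputation closes the window, at the cost the text describes.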