IM InfoSphere Identity Insight, Version 8.0

Separation Configuration - General tab

Use the General tab to specify the details of the separation configuration.

ID
Type the unique integer to identify the separation configuration.
The ID value is automatically populated with the next sequential number not in use.
Code
Type a unique value to identify this role.
Description
Type a description for this separation configuration.
Max depth
The maximum number of degrees of separation of one multi-degree relationship chain in an entity graph considered for role alert detection.
For example:
max depth
  • Entity A know entity B.
  • Entity B knows entity C.
The depth of this entity graph is two: entity A knows entity B, and entity B knows entity C.
Path strength threshold
The calculated path strength threshold of a role alert chain. A role alert chain whose path strength is below this threshold will not generate role alerts.
The path strength is the product, converted to an integer, of the relationship score decimal conversions of every entity in the role alert chain.
The default is 15.
For example:
path strength threshold
  • Entity A know entity B.
  • Entity B knows entity C.
  • Entity A knows entity D.
  • Entity D knows entity E.
  • The relationship score for entity A knows entity B is 90. 90 is converted to the decimal .9
  • The relationship score for entity B knows entity C is 70. 70 is converted to the decimal .7
  • The relationship score for entity A knows entity D is 80. 80 is converted to the decimal .8
  • The relationship score for entity D knows entity E is 70. 70 is converted to the decimal .7
  • The relationship scores in the role alert chain are multiplied; (.9 x .7 x .8 x .7) = .3528
  • .3528 is converted to the integer 35.
If the path strength threshold is less than or equal to 35, a role alert can be generated based on this separation configuration.
Degrees of Separation evaluates all paths that connect two entities and will use the strongest path strength in reporting relationships.
Max role alert degree
The maximum number of degrees of separation between the two entities at the end of two multi-degree relationship chains in an entity graph considered for role alert detection.
For example:
max role alert degree
  • Entity A know entity B.
  • Entity B knows entity C.
  • Entity A knows entity D.
  • Entity D knows entity E.
  • Entity E knows entity F.
  • Entity F knows entity G.
The role alert degrees of this entity graph are:
  • The role alert degree between entity A and entity B is 1.
  • The role alert degree between entity A and entity C is 2.
  • The role alert degree between entity A and entity D is 1.
  • The role alert degree between entity A and entity E is 2.
  • The role alert degree between entity A and entity F is 3.
  • The role alert degree between entity A and entity G is 4.
  • The role alert degree between entity B and entity G is 5.
  • The role alert degree between entity C and entity G is 6.
If the max role alert degree is 6, entity C knows entity G can generate a role alert.


Feedback

Last updated: 2011