Effective on- and offboarding

Maintaining strategies that translates into process and automation for quick on- and off boarding to and from the consortium lowers the threshold to add new members that can contribute to the overall workflow quality. This may obviously include additional primary members but just as importantly it could include utility or third-party members acting as meta data providers or validators of data. Just as important is the need for controlled and effective consortium member off-boarding as this can be prompted with short notice and high priority.

Identity, role and control

At the heart of any access control lies two major components that thus play equally important roles in a cross-domain communication consortium. The identity of the member needs to be verified and periodic re-verified to ensure that data is indeed shared with the right party but just as important is the current roles of that identity as this can in turn filter said user has privileges to do with the data. Know Your Client (KYC) is a set of tasks and processes that should be implemented in consortiums to ensure that identities can be trusted so that these can be paired with well-maintained repositories of current consortium roles and to whom these apply. With this data any consortium member organization can then create their own approval and access policies that gives them just the amount of control that they need.

It is a well-known fact in identity management however that effective access control is given to role-based groups rather than to individual users. For this to be effective, logical role structures with the right level of granularity must be established and maintained. This domain of work and associated support systems is known as “Role Based Access Control” (RBAC) and is as relevant in cross-domain workflows as any internal environments. To provide a fit-for-purpose RBAC service a complete accountability stack needs to be manned and managed.