Making sure that the right people have correct resource access is the very definition of Authorization. The first step in Authorization begins with Authentication of a person’s identity to make sure they are who they claim to be. After Authentication, there are various common methods for controlling Authorization.
In recent years the process of Authorization has been undergoing a transformation from a distributed security model, where security is placed directly on the resources, to a centralized model defined by a centralized Authorization policy. There are many drivers for this trend, including the move to cloud-based computing and the increasing number of legal, regulatory or access governance requirements organizations face.
For both Authentication and Authorization, the user’s identity and the attributes associated with it represent a critical business object: the organization trusts the identity and believes it understands who that identity represents. The identity is the starting point from which all access audit logging and access policy assignments will be made, and because of this people can be assigned responsibility for both granting and exercising access.
Gartner Consulting Group has written an interesting press release related to this topic and I suggest anyone who is interested should certainly read it. The article, "Six Trends That Will Drive the Evolution of Identity and Access Management and Privacy Management in 2012", describes trends that Gartner believes will change Identity and Access through 2012.