Evolveum: Use of AI methods in Identity and Access Management
Identity and access management (IAM) deals with managing identities in cyberspace. IAM is difficult to scale in large organizations because of the huge number of users and roles involved. In this project, we analyze the possible uses of AI in IAM.
Evolveum is the developer of the open-source software midPoint, a unique solution combining identity management and identity governance with a focus on technological and business requirements. Clients of midPoint have thousands (even tens of thousands) of users with dozens of identities in different systems. This situation can be difficult to manage by hand. Some tasks, such as role mining, correlation of identities, or outlier detection, exhibit some level of repeatability.
This repeatability presents an opportunity to use AI methods to automate such tasks. However, AI in such a critical branch of IT should be applied with care. Hence, as the first step, the main goal of this project is to analyze the situation in IAM and the possibilities for responsible use of AI in the midPoint solution. The goal is to identify uses of AI from which clients can gain real benefits. During our work and consultation, it will be important to take compliance with regulations and frameworks (e.g., ISO 27001, PCI DSS, HIPAA, NIST SP 800-53, GDPR, NIS) into account.
We will apply our AI expertise, together with Evolveum’s domain knowledge, to identify the best use of AI in the IAM domain where almost all the data is highly sensitive.