Page 148 - CISSO_Prep_ Guide
access permissions according to the policies and access control
procedures of the organization. This prevents a local office from
setting up access permissions according to a local, inconsistent
process.
A centralized system can be set up to manage access as a
front-end portal or as a back-end authentication server using a
product like RADIUS or TACACS+.
Decentralized Access Control
Decentralized access control is when a local office or system
owner has the authority to manage access permissions directly.
This is an ideal solution for an organization that is quite spread
out, with many local variances and local operating
environments. This method is flexible to local needs, quickly
responsive, and much less bureaucratic. However, it is rife with
security flaws: a manager may just grant too much access to
staff, may violate privacy laws, may set up access
inconsistently, and may not review access permissions or logs
regularly.
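The weaknesses listed above (excess access, inconsistent setup, missed reviews) can be checked by comparing each office's grants against a central baseline. The following is an added example, not part of the original guide; the role names, permission strings, office names and the 90-day review interval are all constructed assumptions.

```python
from datetime import date

# Constructed central policy: permissions each role may hold (assumption).
BASELINE = {
    "clerk": {"crm:read"},
    "manager": {"crm:read", "crm:write", "hr:read"},
}
MAX_REVIEW_AGE_DAYS = 90  # assumed review interval, not from the guide

# Constructed sample grants as two local offices might export them.
GRANTS = [
    {"office": "lisbon", "user": "ana", "role": "clerk",
     "perms": {"crm:read"}, "reviewed": date(2024, 5, 1)},
    {"office": "lisbon", "user": "rui", "role": "clerk",
     "perms": {"crm:read", "hr:read"}, "reviewed": date(2024, 5, 1)},
    {"office": "austin", "user": "bo", "role": "manager",
     "perms": {"crm:read", "crm:write"}, "reviewed": date(2023, 11, 2)},
    {"office": "austin", "user": "kim", "role": "intern",
     "perms": {"crm:read"}, "reviewed": date(2024, 4, 20)},
]

def audit(grants, baseline, today, max_age=MAX_REVIEW_AGE_DAYS):
    """Return sorted (office, user, finding) tuples for grants that drift."""
    findings = []
    for g in grants:
        allowed = baseline.get(g["role"])
        if allowed is None:
            # Role invented locally and unknown to the central policy.
            findings.append((g["office"], g["user"], f"unknown role {g['role']}"))
        elif g["perms"] - allowed:
            excess = ",".join(sorted(g["perms"] - allowed))
            findings.append((g["office"], g["user"], f"excess: {excess}"))
        if (today - g["reviewed"]).days > max_age:
            findings.append((g["office"], g["user"], "review overdue"))
    return sorted(findings)

def inconsistent_roles(grants):
    """Return roles that were granted with differing permission sets."""
    seen = {}
    for g in grants:
        seen.setdefault(g["role"], set()).add(frozenset(g["perms"]))
    return sorted(role for role, variants in seen.items() if len(variants) > 1)

if __name__ == "__main__":
    for finding in audit(GRANTS, BASELINE, date(2024, 6, 1)):
        print(*finding, sep=" | ")
    print("inconsistent roles:", inconsistent_roles(GRANTS))
```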
Federated Identity Management
Many organizations today use federated identity management to
allow customers to log in once to a trusted business partner and
then access the systems and data from other partners in the
federation without having to log in repeatedly to each partner.
This process uses the Security Assertion Markup Language
(SAML) and security artifacts to manage user access. This
makes the interaction between the user and the web-based
services of an organization much more user-friendly and