A recurring security scenario involves the problem of removing the access rights of an employee upon employee termination. A solution is presented in the form of procedures and an infrastructure. Operationally, sensors track security-related user operations (e.g. password use and object accesses) to determine the true access rights associated with a user. Security administrators combine that information with recorded access controls and invoke actuators to perform actions necessary to remove the complete access rights of a user. 1