Unified Identity Authentication In Power Information System: Research And Application

Posted on:2011-03-14

Degree:Master

Type:Thesis

Country:China

Candidate:K L Wang

Full Text:PDF

GTID:2178330338983886

Subject:Information security

Abstract/Summary:

PDF Full Text Request

In addition to the rapid growth of hard assets, Shanghai Electric Power Co., a power transmission, distribution and sales corporation, also built an extensive and valuable information management system and a network security system for compliance management. However, as the importance of the company's centralized applications and the demand on security increase, the original approach focusing on security at the border no longer meets the business- and application-level security needs.Currently, user identity management and authentication is done separately within individual business systems. At the same time, the scope of users for application systems is extending to include external users outside the power company, such as application developers, network maintenance contractors, as well as other temporary users. The rapid increase in the number of business systems and the number of system users exacerbate the pitfall of the current identity management approach. Authentication and management is not a new problem, but as the security boundary changes, security issues due to identity management vulnerabilities now pose greater threats to the entire system.This article propose to address the above problem with a unified authentication platform, on top of the existing power information management system. ISO27001 risk assessment and gap analysis is then applied to the Shanghai electric power information management system to produce in-depth analysis for the practical aspects of identity management. Based on the analysis, the overall design of the unified authentication platform framework is conducted according to information security management standards. The platform framework includes identity management, centralized authentication, single point of login, centralized authorization, centralized auditing and other key modules. Finally, an approach is created to integrate the unified authentication platform with existing application systems of the power information management system, through analyzing the application systems in detail. As the result, the research in this article provides a systematic, effective and reliable identity management solution for the Shanghai electric power information management system.

Keywords/Search Tags:

Unified Authentication, Access Control, Single Sign-on, ISO27001 Risk Assessment

PDF Full Text Request

Related items

1	Research And Implementation Of The Platform Of Unified Authentication And Authorization In Education Information Network
2	Unified Security Authentication Platform Design And Implementation
3	Design And Implementation Of The Unified Authentication And Single Sign On System Of Digital Library
4	Research And Implementation Of Unified Identity Authentication In Multiple Information Systems
5	The Design And Implementation Of A Unified Identity Authentication System For A Manufacturing Enterprise's Multi-application System
6	Design And Implement Of The New Architecture Of Unified Identity Authentication System In The CERNET
7	Research And Implementation Of A Single Sign-on Authentication Model Based On Web Service Design
8	The Design And Implementation Of Multi-Domain Single Sign-on System
9	Design And Implementation Of CAS Single Sign On And The Unified Identity Authentication System Based On
10	Unifide Access Authentication System On Application Layer Design