| As the rapid development of the informatization, the number of the systems in enterprises and the system users increase continually. At the present stage, most of the application systems have their respective information data, which is responsible for the management of the account, authentication, authorization, and auditing. So some potential safety hazards are brought and users' efficiency is reduced.This subject first gave a deep study and analysis to several access control models and the AAAA (Account,Authentication,Authorization and Audit) framework. In this base presented AAAA reconstruction of the internal application system requirement from some network operator nationwide, contemporarily, we did feasibility analysis, and then we designed and realized a role-based identify and access management (IAM) system.This system's primary characters are the unified account management, the unified authentication management, the unified authorization management, the unified audition and the Single Sign On (SSO) , which can correct the shortage presenting in above paragraph and make the system runing in safe and highly active environment.We presented and realized the IAM system's construction,which bringed accounts management which is at the enterprise internal application layer into the AAAA frame,unified management for application systems' accounts, unified authentication and authorization for application systems,unified auditing for user's action. Besides, we also realized SSO at system layer, which makes users' single entry could sikp to any different application system, without entrying again. |
PDF Full Text Request