Design Of 4A Control System

AS the 4G business starts to run, Telecom operators keeps expanding the business scale and increasing the network equipment. In order to ease the manipulation and maintenance of the network equipment, strengthen the network system safety, meet the requirements of the sarbanes-oxley audit, especially prevent the unauthorized operation, and satisfy the date-safety management and audit, it is necessary to construct a mature safety management platform, and through the platform, to ensure the implement of all kinds of security measures.The 4A security control platform absorbs all kinds of network equipment into one managing system, unifies the access of operating staff, and marks all the manipulation procedures, realizes a reasonable management of all resources, an unique authorization certification, and a record of various behaviors.The 4A security control platform constructs an inner security control system of centralized account & password management, logs & audit management,and comprehensive maintenance access. All the sub-systems are interdependent and coordinated, just to form an unified platform and interface. For the users, to log in the platform, they must accept the security requirement of the 4A platform. These requirements are realized by system automation, while the users are unaware, just to achieve the centralization of operation, authorization, management and audit.The way which 4A platform adopts to enhance the authentication, is a vault management mode, aiming at bringing strong authentication to important resources, accounts and manipulating orders. For the purpose of providing the maintenance stuff a safe channel to access the VIP account, and preventing information abuse. Once a resource is managed on such mode, single-point log-in will not be allowed.At the same time, 4A platform must provide the audit data analysis function, and provide audit analysis rule management functions.The purpose of audit analysis is to match data which is relevant to system security in the massive log records, and analyze the system situation.A well-organized 4A platform follows an open design regulation, which can match the comprehensive need of CMCC, and can provide technical measures to unify CMCC’s security grades, simplify the complicity of designation.