IAM is a set of business processes and management means to comprehensively establish and maintain digital identities and provide secure and effective access to IT assets.
The technology in the IAM field has evolved over several generations and has become relatively mature. Compared with traditional 3A and 4A, IAM involves the coordination of resources of the entire company and is applicable to the account management of all personnel, assets, and applications of the enterprise, mainly covering: centralized account management, unified identity authentication, fine-grained authorization, account lifecycle management, standardized service processes, and security audits.
SICAP open security management platform, based on IAM technology, separates access requests from request resources, enhances access control over users through unified identity and access management, manages user identity information and access rights of multiple systems, and provides single sign-on (SSO) to realize identity information sharing between multiple systems, builds a unified identity authentication management system for customers, and manages the whole life cycle of users
(1) Centralized account management:Centralized management of the accounts of personnel, assets, and applications to build a unified organization account information.
(2) Unified Identity and Identity Authentication:It supports multiple authentication methods such as static passwords, dynamic port tokens (SMS passwords, mobile phone tokens, digital certificates, RADIUS passwords, LDAP passwords, and AD domain passwords) and two-factor authenticationDifferent users can set different authentication methods based on security requirements.
(3) Fine-grained authorization management:
Supports fine-grained permission control based on account-role-permission management.
Supports fine-grained permission assignment for personnel, assets, protocols, and ports.
Support multiple authorized SSO single sign-on operations and uses.
(4) Service process:
It supports self-registration of accounts, and provides independent application for business processes such as entry, resignation, permission application, job transfer, and work handover.
(5) Security Audit:
Multi-dimensional statistics of accounts (availability, weak passwords, account expiration, password expiration, redundant accounts, permission changes, and inactivity) are supported
Supports regular account audits and result verifications.
Provide complete log audit to facilitate traceability and traceability.