nyenaceyg
Dołączył: 13 Gru 2010
Posty: 522
Przeczytał: 0 tematów
Ostrzeżeń: 0/5 Skąd: England
|
Wysłany: Wto 7:45, 26 Kwi 2011 Temat postu: PKI based digital identity management systems _410 |
|
|
PKI based digital identity management systems
Based on PK! The UniTruslt. DIDMS 'According to user needs in the development of a PKI solution for enterprise-class suite. UniTrust DIDMSTM is a soft and hard-one equipment system contains two components: DIDMSTMCA and DIDMSTMPMI & SSO. One DIDMSTMCA by providing authentication services to users with minimal investment to establish a controllable and convenient enterprise information security management system. It is like a miniature of the public network CA system can achieve almost all of the features provided by CA including system initialization, system management, customer information management, information management application for the certificate, certificate management, log management, certificate check,[link widoczny dla zalogowanych], CRL services, online certificate status queries, access control, media production and so the user certificate. In addition, it can store up to 7 years certificate was issued the certificate the amount of the recommended amount of not more than 1 million copies. Can support SHECA the UniTrust SafeEngine and certificate management interface for application development; and DIDMSTMPMI & SSO not only improve on the former Development system security. and realized access to the centralized control of information resources. Besides role-based provider of enterprise rights management model can be extremely convenient centralized authentication access control method makes the user, just log in once, you can visit l'ed all of the authorized services. DIDMSTM PMI & SSO, including DIDMS-SSO Client DIDMSTM PMI client software and servers. DIDNtm CA component DIDMSTm CA modules Description: system initialization implementation system initialization functions. including the deletion of all data. generate the default system administrator, system operator; generated or specified root certificate; change the system IP address. Systems Management system management requirements must be more than half of the PIN card authentication system administrator to access this module after the passage of the main management provides a system administrator, operator management, and root certificate of service, service management systems, system log management, License management, data backup, system recovery, twelve function. Which recorded each time log management operations and its main role is twofold: First, after the failure for the maintenance of inventory system is the second incident handling. For the system to provide on-site security audit log data. Is the basis for security auditing and tracking. user information and certificate management provide user information management part, the increase of user information, modify, and delete operations. System for the operation of the user is divided into units, units of departments, units, individuals and four types of servers. Certificate management part includes a certificate application, issuance, review, set aside, suspend, resume and other operations functions. And provide the certificate of media initialization, the user certificate information, statistics and historical information, the user queries and other operations. which the certificate was issued to support both offline or online mode the former issued a key pair generated by the DIDMSTM who own in the client is key to the browser or other PKI software generation; historical information to users query using fuzzy query, the user can enter certain items such as Email or name list will be able to obtain the corresponding certificate. user-service This module provides the system user certificate corresponding to its own operations. Include: user information to add, modify; certificate application, modify, and delete applications; certificate download, download the certificate root certificate update; certificate revocation; online certificate status check certificate revocation list (CRL) inquiries. One certificate update, certificate about to expire when the user, the system will automatically alert customers to the certificate update (email alerts) In addition the system will periodically publish the latest CRL. DIDMS PMI & SSO component role-based user rights management (PMI) in the management of their information systems are often required for each user the functions delineated the scope of its use. Multi-system, multi-user, multiple role groups .., these constraints on how a reasonable allocation, set up and combine the organic, the effectiveness of the enterprise, the construction of information security an important factor. To take advantage of the role of the classification system functions the way to organize the system administrator can assign privileges and role-based management are able to greatly reduce the administrative burden. DIDMS EMI & SSO feature DIDMS PMI & SSO taken a role-based Access Control Model makes enterprise rights management more reasonable, convenient, and realized access to information resources centralized control. Through this system, users need only log in once to access all of the authorized services. In addition the system also uses a centralized authentication method. If the user passed a DIDMS PMI & SSO login, the system can provide users automatically log on to the application systems. Since the whole design is based on PKI uses encryption and authentication technology system and therefore has very high security.
Post został pochwalony 0 razy
|
|