Interpretation of Identity Identification and Analysis of Technical Implementation (1)

Enterprise 2023-05-05 22:25:56 views: null

6.1.4.1 Identity authentication
The requirements of this item include:
a) Identity identification and authentication should be carried out for logged-in users. Identity identification is unique, and identity authentication information has complexity requirements and should be changed regularly; b) It should have a
login failure processing function, and should configure And enable related measures such as ending the session, limiting the number of illegal logins, and automatically exiting when the login connection times out

 

 

In the hierarchical protection system, the higher the level, the higher the security requirements.

In MLPS 2.0, identity authentication requirements are mainly mentioned in the secure physical environment and secure computing environment. Identity authentication in a secure physical environment mainly refers to the identity authentication that a real person needs to perform when entering the computer room, and identity authentication in a secure computing environment mainly refers to the identity authentication that needs to be performed when a user logs in to a computer, other computing equipment, or a business system. In Class 3, it is required to use two-factor authentication technology; in Class 4, it is required to verify or authenticate the two parties in the communication based on cryptographic technology before communication in the secure communication network, and the communication between computers or processes needs to be authenticated. certified.

Identity authentication technology is the security technology that most of us are most familiar with. Every day when we log in to computers and mobile phones, we must perform identity authentication before we can perform various operations. The purpose of identity authentication is to confirm the identity of the user, which is the most basic security technology and the most important security technology, because other security technologies (such as authority control, security audit, etc.) all rely on user identity information. If identity information is not credible, security becomes a tree without roots, water without a source, and loses its foundation.

In addition, it is mentioned in the guarantee 2.0 that the identity must be uniqueÿ

Guess you like

Origin blog.csdn.net/luozhonghua2014/article/details/130478572
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com