In the field of identity management, metadata has an important role and value. Metadata helps to understand the structure and meaning of data, improve data processing efficiency; promote cross-department and cross-organization data sharing and collaboration; and support data analysis and provide support for business decision-making.
Currently, the Authing identity cloud has launched the data object management function. The data object management function can manage metadata, which not only helps enterprises create unique identity sources, so as to carry more business-related smallest granular data; at the same time, it can also analyze user and entity behavior, so as to build more Secure authentication method.
Metadata is the data that describes the data. It defines a structured structure for the data, which is used to describe the characteristics, attributes and meaning of the data, so that users and analysis tools can understand the data. Metadata provides information about data, which is critical to understanding how data is created, stored, accessed, and used. Therefore, metadata is widely used in various industries, and development is particularly important.
In the development world, metadata is used to organize and retrieve data to help developers, data scientists, and other professionals manage, analyze, and utilize data more effectively. Examples include resource management and data governance.
- In resource management, metadata is used to describe and manage resources of applications or software, such as pictures, videos, audio, etc. This metadata can help developers understand how to access and use these resources.
- In data governance, metadata is used to manage data quality, data security, and data compliance. Metadata can help organizations identify and resolve data issues, ensuring data consistency, accuracy, and completeness.
Resource management and data governance are key links in the enterprise identity governance process. As a next-generation event-driven cloud-native identity governance platform, Authing Identity Cloud combines with metadata capabilities to achieve Turing completeness in the identity field. The Authing identity cloud with metadata capabilities can not only help enterprises manage resources and manage data more effectively, but also improve business efficiency through identity governance. The following will describe in detail the metadata capabilities and value of Authing identity cloud data object management.
01. Build a unique source of identity
Metadata is data that describes data and can provide information about data content, structure, and characteristics that can uniquely identify and track data. Enterprises can centrally store and manage all metadata by maintaining a metadata center or directory.
Enterprises integrate raw data with various systems through APIs, allowing data transmission and sharing between systems, and ensuring the consistency of metadata between systems. Metadata can also be customized according to a specific organization's directory structure and data model, with the flexibility to adapt to different organizational and enterprise directories. The consistency and extensibility of metadata make it the only source of identity for the enterprise.
The data object management function of Authing Identity Cloud supports the mapping of fields required for identity management to metadata, and realizes a unique identity source management platform based on metadata. For example, when an enterprise modifies a password in AD, the identity automation capability is used to change the corresponding user password in the Authing metadata for coverage. In this way, a unique identity source management platform based on metadata can be realized. At
the same time, through the metadata capability of data object management, it can also carry more business-related smallest granular data, and identity services can be closely connected with customer business through identity automation. In this way, enterprises can not only centralize and unify the management of scattered identity directories, but also achieve high-quality data management and reduce the operating costs of enterprises.
02. Adaptive MFA
Multi-factor authentication (MFA) is a measure to improve system security. On the basis of the account password, additional verification factors such as SMS verification code, one-time password, fingerprint, etc. are added to add a layer of protection to the login process.
Using metadata to provide additional information can enhance MFA's level of protection and ensure identity accuracy and security. For example, when SMS verification codes are used as verification factors, information such as the sending time and source of the SMS can be recorded through metadata, thereby increasing the reliability of verification.
However, although MFA improves the security level of user identification to a certain extent, it also increases login resistance for users and brings poor user experience, and the added authentication factor is only a one-time verification, which will not be used in subsequent user changes. There is no security guarantee in the scene.
The metadata capability of Authing identity cloud data object management can analyze the behavior of users and entities, and realize adaptive multi-factor authentication (Adaptive MFA). Object management with metadata capabilities can store information such as user behavior types, behavior results, and operation types. Combined with Authing's user and entity behavior analysis technology UEBA, it can organize policies based on user behavior, device information, and IP addresses. , adaptively match the corresponding MFA policy.
Authing Identity Cloud is based on Adaptive MFA, adding a continuous verification mechanism, which can be continuously verified during the life cycle of users using the product. Through the analysis of user behavior and user environment analysis, real-time dynamic and continuous assessment of current risks, once the risk mechanism is triggered, MFA authentication will be activated in real time, and the current status of users will be immediately blocked, thereby improving account security.
Adaptive MFA based on metadata capabilities not only improves user experience, but also solves the problem of one-time verification exposed in the trend of contemporary network security environments, and fully meets the security demands of enterprises and businesses.
03. Smooth localization substitution
Driven by digital transformation and information security policies, it has become a trend for traditional enterprises to use localized software to replace AD directories or decouple from AD. However, AD data involves complex relationships between people and organizations, between people and organizations, and between people and equipment. Localization replacement needs to face the reliability of software, the compatibility of old applications, the difference in user experience, and the constraints of future architecture. Adaptation and many other challenges.
Therefore, although many enterprises have the intention of localization and substitution, they can only hold back in the face of high costs.
Authing identity cloud data object management can be abstracted into a data warehouse , without rebuilding the directory, it can flexibly map the functional fields on the AD directory to the data object management, quickly build a complete user directory framework, and confirm the relationship between data association relationship, thereby helping enterprises replace AD directories more agilely and lightweightly.
04. Support the personalized construction of enterprises
Identity serves the business of the enterprise. To build an identity management platform, an enterprise must not only solve authentication and security issues, but also meet some business needs that are highly coupled with identity. However, in order for the identity management platform to support scenarios that are highly coupled with identities, it is necessary to invest in research and development resources for targeted development according to the business, which additionally increases the cost of the enterprise.
Authing identity cloud data object management has the ability to quickly build basic management. In business scenarios that are highly coupled with identities, enterprises can quickly create basic background management that meets personalized services by storing business-related fine-grained fields through the metadata capability of data object management. In the Authing PaaS platform, an independent console menu can also be created based on the metadata capability to further improve the business efficiency of the enterprise.
05. Authing core functions of identity cloud data object management
User can customize data object
Users can create a new data object through the creation function, and can customize the basic information of the configuration data object.
custom data object
Field types that support configuration data objects
The field type of the data object supports common text (single-line text, multi-line text), number, date, selection (Boolean value, enumeration value), and associated data types.
field type selection
Operations that support configuration functions
The operation of the function can be configured. Create, edit, delete, import, export are provided by default.
operations management
Support configuration details page layout
You can configure the number of tab pages on the details page and the field information corresponding to each tab page, and you can also control the layout and occupation length of the created fields by dragging and dropping.
Details page configuration
Provides the best domain model for the identity domain
Provide the best domain model in the identity domain, including: users, departments, organizations, user groups, positions, and application access control.
The best domain model for the identity domain
Domain model & custom metadata support directly called by identity automation
The domain model & custom metadata support being directly called by Identity Automation, and the corresponding events & Actions are generated in conjunction with Identity Automation.
Automatically generate actions related to identity automation
Provide standard API and SDK
Provide standard API interface and SDK capabilities for developers, and provide operation manuals for business descriptions for business parties.
API interface documentation
Display all list fields of the associated side data object
Displays the list fields of objects with associated data selected by the user, providing overall filtering. When the amount of data is too large to generate pagination, you can perform overall filtering by checking the selected records.
List fields support page filtering
06. Client case: a large domestic financial management institution
Demand Scenarios and Demands
The organization is faced with a large number of investment managers, systems, and complex authorization management scenarios. Due to the uncertain and variable characteristics of business needs and user authorizations of various departments, the overall management process becomes extremely heavy. In addition, these business and Authority management is the core link of enterprise operations, so it is necessary to find a more agile way to effectively manage these scenarios, thereby reducing institutional data security risks.
There are a large number of end users outside the organization. These users are distributed in different regions and groups, and their needs and behaviors are diverse. Therefore, it is necessary to dig deep into business growth points through effective tag management, and then drive business growth through precise automated marketing.
solution
Authing implements all business functions around identity governance and permission security. Authing identity cloud data object management helps customers to completely construct data entities such as permissions, employees, products and user information. At the same time, the customer constructs the most fine-grained data fields in entities of several dimensions, and completes all aspects of the business through Authing. Finally, the result is returned to the self-developed system.
The application of metadata in various industries has undoubtedly brought great convenience to enterprises in information retrieval, information management and precision marketing. In the field of identity management, based on the ability of metadata, Authing identity cloud data object management can provide the best solution for the specific business needs of enterprises.