View Details: trial experience IDaaS service application identity
Click for: "Ali cloud the new conference channel"
Subscribe Now: Ali cloud the new conference · Weekly
With the rise of cloud and mobile applications on the Internet, corporate identity authentication and management also have to fit a variety of complex, mixed IT environments. Ali and so shield IDaaS (Identity as a Service) application identity services through centralized identity management service, to provide users with 5A integrated identity management platform to help users solve cross-domain enterprise applications across the cloud and access management challenges.
What Ali cloud IDaaS that?
IDaaS, is Identity as an abbreviation a Service, which is a cloud-based computing and micro-service architecture centralized identity management service, first of all it will give the user a unique identity of the account, as long as the account successfully passed the authentication, the user can free access to all authorized, any cross-domain enterprise applications across the cloud, including the deployment of public cloud, private cloud and local businesses in the engine room.
Ali cloud IDaaS around a unified identity account for the user to build a set of five major capacity as one unified platform for identity, and in accordance with the initials referred to as 5A integration platform.
What 5A Ali cloud integration platform IDaaS provided is?
5A integration platform, including a unified identity account (Account), unified identity authentication (Authentication), centralized authorization (Authorization), application management (Application), as well as the global Transparent Audit (Audit) five competencies.
Among them, a unified account (Account) provides for the construction of enterprise information unique user identity data, and centralized account life-cycle management; unified authentication (Authentication) to authenticate users in charge of security, multi-factor authentication can be centrally configure and integrate third party source of authority; centralized authorization (authorization) may authorize the scope of its accessible according to the user's department or role, so that once configured, take effect globally; application Manager (application) by centralized management of enterprise private and public cloud applications, mobile applications or even digital devices, to achieve single sign-on, and provide enterprise application portal for each user; transparent audit (audit) a detailed record of all user and administrator actions behavior, so that managers keep abreast of the use of enterprise digital assets.
Ali cloud IDaaS can help enterprises solve what?
1, the identity as a common basis for data IT to address employee account information silos, management omissions
modern enterprise digital management, must cooperate with each other to complete by the multiple application systems developed by different teams or vendors' systems are also easily become information islands, bringing hires, complicated time-consuming process when the job transfer, account privileges recovery is not complete and other issues after the departure of these problems are plaguing a growing number of business managers. To achieve a unified identity account not only solve these problems for managers, but also allows application developers freed from the burden of account management in order to focus more on the business itself.
2, password vulnerability
Although each application system have claimed that they will protect the user's password, and there is the complexity of the requirements, such as mandatory periodic revision of security measures, but from the user point of view, to remember multiple passwords and to ensure that different updated regularly, almost no one can complete the task, so the fact that most users use the same password on all systems, which led to the fall of a little fall overall situation; at the same time the user will add some rules in a password in order to memory, which also makes the hit library cracked become one of the most common means of attackers. And IDaaS unified authentication can authenticate the user through a variety of non-encryption scheme, such as a dynamic token changes every 30s, face, fingerprints and other biometrics, etc.; after the authentication, then using asymmetric encryption token passing to the application authenticated user identity, allowing users to access applications without having to re-authenticate, ensuring safety while offering productivity gains.
3, decentralized authorization and audit
management in multiple applications access authorization system is often a nuisance, which allows the administrator to distribute rights to become cautious and flow range; and the integration of different applications login log is even more difficult to achieve this allow managers to use digital assets across the enterprise as smoke and mirrors, or even the need for additional R & D investment can do. With IDaaS unified authorization management, administrators can apply at any time to access multi-perspective view of the authorization and, once configured truly global force. Meanwhile IDaaS brings together employees of entry, job transfer, leave, log out, and a series of important enterprise application access audit logs, can provide multi-dimensional display of fast reports and query capabilities to provide operational support for the meticulous management of enterprises.
4, to meet a number of national and other security compliance, internal audit listed companies as well as compliance requirements
such as 2FA solution in the unified authentication, double identification of the user's identity through recognition of two different combinations of factors to help companies meet their industry 2.0 to other security compliance requirements secondary authentication password. By the account of the real name of a thorough solution to the requirements account audit.
What are the technical advantages of cloud Ali IDaaS product is?
- SaaS mode to provide the service, companies do not need to own operation and maintenance, greatly reducing operational costs.
- Support for multiple accounts sources, such as AD, LDAP, and other standard SCIM API, companies can quickly import existing accounts.
- Pre-integrated cloud Ali RAM and industry commonly used SaaS service without excessive configuration that is able to open to use.
- It supports multiple authentication protocols, including SAML, OIDC, OAuth, CAS and all standard single sign-on protocol.
- For non-standard applications, also supports the API, SDK, on behalf of the cryptographic fill fast integration.
Ali cloud IDaaS improve what?
For corporate employees, IDaaS provides a unified information system portal, single sign-on convenience, in addition to a centralized office portal model is better than decentralized experience; for IT administrators, IDaaS provided to all accounts and authority for centralized management platform; for developers, IDaaS platform provides functionality and open API, you can re-use account management and authentication capabilities of the platform; for business owners, IDaaS also support the development of eco-businesses, easy to suppliers, partners and customers into a unified identity system, open up the upstream and downstream business chain.
View Details: trial experience IDaaS service application identity
Click for: "Ali cloud the new conference channel"
Subscribe Now: Ali cloud the new conference · Weekly