Overview of Identity and Access Management (IAM) and the Identity Provider (IdP)

Identity and Access Management is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons.

In this post, we will look at an overview of the main topics related to Identity and Access Management.



What is Identity

When a person tries to access a resource, we need to make sure that the user is who they claim to be.

Identification is the process of assigning a unique identity to each individual user so that they can be identified.

Applications and systems use identification to determine whether a user can access resources.

The identity management process involves the creation, management and deletion of identities, without concern for their access levels.



What is Authentication

Authentication is the process of proving an identity. To do so, a user must submit their credentials to the authenticating entity in order to gain access.

Authentication is often referred to as AuthN.

Identification occurs when a user claims an identity (such as a username). Authentication occurs when users prove their identity.

There are different types of authentication:


Multi-factor Authentication (MFA)

In general, there are three common factors that can be used for authentication:

  • Something you know (such as a password)
  • Something you have (such as a smart card)
  • Something you are (such as a fingerprint or another biometric method)

Multi-factor authentication uses 2 or more of these factors.

The purpose of multi-factor authentication is to add another layer of protection to the authentication process.

Single Sign-On (SSO)

Single Sign-On (SSO) is a property that allows a user to log in to one system and gain access to all other systems associated with it.

An example of SSO is when you log in to Google and can then access Gmail, Google Docs and Google Sheets without having to provide your login credentials again.

Federation

Federation simply allows SSO across multiple domains. Google and Facebook are two of the largest federation providers.

This allows our users to authenticate to our systems using their existing credentials with those providers.

Tokens

Tokens can be either hardware or software and provide an authentication mechanism around 'something you have'.

Hardware tokens can be “smart cards” that you connect to your computer with a card reader, which provides the authentication.

Software tokens can be installed on any device (e.g. a mobile phone) and are used to generate a one-time passcode.



Authorization

Authorization is the process of determining which users can access which resources within a system.

Users are assigned or granted access to particular resources within a system. This access is usually based on the user's role.

Once a user is authenticated, they are then authorized to access their assigned resources.



Why do we need IAM

We need IAM for several reasons:

First, we need IAM to protect our systems. We don't want just anyone to access our private or confidential information without proving who they are.

Second, we need to make sure that only authorized individuals can access the resources they have been assigned.

We also need IAM for accountability. If an action is performed, we need to know who performed that action. We can look at the system logs that are tied to identities. Without IAM, we have no way of knowing who performed which action.



Using an Identity Provider (IdP)

In the early days, when developers built applications that required user authentication, they had to create a user store inside the application to identify users. In addition, the developers had to build an authentication method as well as a roles and permissions engine.

Each new application required this setup. The problem with this is that when the authentication method had to change, developers had to change every application to accommodate the new requirement.

Using a local authentication method is painful for users, developers and administrators:

  • Users must enter a username and password to access each application, i.e. there is no SSO experience
  • It can often lead to the use of weak passwords or password reuse
  • Developers have to manage yet another resource
  • There is no central place to manage users

Using an Identity Provider (IdP) solves these problems.

Claims-Based Access Model

The modern approach to Identity and Access Management uses a claims-based access model.

In claims-based access, developers replace the authentication logic in the application with simpler logic that can accept a claim.

A trust is established between the application and the source of authentication and authorization, in this case the identity provider or IdP.

The application will happily accept a claim sent from the IdP.

In addition, the application does not have to handle any passwords, because users never authenticate directly to the application. Instead, users authenticate to the identity provider, which creates a claim or access token that is sent to the application.
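What "accepting a claim from a trusted IdP" involves on the application side, as an added example that is not part of the original post: the application checks the signature, issuer, audience and expiry, then authorizes by role. The token format is a simplified one made up for this sketch, the issuer, audience and key are constructed values, and a shared HMAC key stands in for the trust setup (real deployments usually verify an IdP public-key signature instead).

```python
import base64
import hashlib
import hmac
import json

TRUSTED_ISSUER = "https://idp.example"  # hypothetical IdP the application trusts
AUDIENCE = "reports-app"                # hypothetical name of this application
DEMO_KEY = b"constructed-demo-key"      # constructed; stands in for the trust setup

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def idp_issue(claims: dict, key: bytes = DEMO_KEY) -> str:
    """IdP side: after authenticating the user, sign the claims about them."""
    body = b64e(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + b64e(sig)

def app_accept(token: str, now: int, required_role: str, key: bytes = DEMO_KEY) -> dict:
    """Application side: no password handling, only claim verification."""
    try:
        body, sig = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64d(sig)):
            raise PermissionError("signature does not match the trusted IdP key")
        claims = json.loads(b64d(body))
    except ValueError as exc:  # wrong part count, bad base64 or bad JSON
        raise PermissionError("malformed token") from exc
    if not isinstance(claims, dict) or claims.get("iss") != TRUSTED_ISSUER:
        raise PermissionError("untrusted issuer")
    if claims.get("aud") != AUDIENCE:
        raise PermissionError("claim was issued for another application")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise PermissionError("claim expired")
    if required_role not in claims.get("roles", []):  # authorization by role
        raise PermissionError("role not granted")
    return claims

if __name__ == "__main__":
    token = idp_issue({"iss": TRUSTED_ISSUER, "aud": AUDIENCE, "sub": "alice",
                       "roles": ["viewer"], "exp": 2000})  # constructed sample claims
    print(app_accept(token, now=1000, required_role="viewer")["sub"])
```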

Using an Identity Provider means:

  • Developers do not have to build strong authentication mechanisms, and they do not have to secure users' passwords
  • If a change to the authentication method is required, we change it only at the identity provider. The application remains unchanged
  • Users are happy - they can authenticate once to the identity provider and seamlessly access the other provisioned applications, i.e. SSO
  • Administrators are happy too - if a user leaves the company, the administrator can disable the user at the identity provider and immediately revoke all access.


Summary

Identification

Identification is the process of assigning a unique identity to each individual user so that they can be identified.

Authentication vs Authorization

AuthN

  • The act of proving who you are
  • Commonly referred to as AuthN
  • Common AuthN methods:

    • Form-based authentication (username and password)
    • Multi-Factor Authentication (MFA)
    • Tokens

AuthZ

  • The act of granting someone access
  • Commonly referred to as AuthZ
  • Examples of AuthZ

    • Your user object is a member of a group. The group has rights to a folder with specific permissions. You are authorized to interact with the files inside the folder.

IdP

  • A central place to manage users, authentication and authorization
  • More secure, enforces industry standards for user and password management
  • Provides SSO
  • Simplified access management and revocation