Ukuphathwa kwe-Identity and Access kuyindlela yokuphepha eyenza abantu abafanele bakwazi ukuthola izinsiza ezifanele ngesikhathi esifanele ngezizathu ezifanele.
Kulokhu okuthunyelwe, sizobheka ukubuka konke kwezihloko eziyinhloko ezihlotshaniswa ne-Identity and Access Management.
Lapho umuntu ezama ukufinyelela insiza, sidinga ukuqiniseka ukuthi umsebenzisi ungulowo umsebenzisi athi unguye.
Ubunikazi inqubo yokunikeza ubunikazi obuhlukile kuwo wonke umsebenzisi ngamunye ukuze babonakale.
Izinhlelo zokusebenza nezinhlelo zisebenzisa ukuhlonza ukuthola ukuthi umsebenzisi angakwazi ukufinyelela izinsizakusebenza.
Inqubo yokuphathwa kobunikazi ifaka ukudalwa, ukuphathwa nokususwa komazisi ngaphandle kokukhathazeka ngamazinga abo okufinyelela.
Ukufakazela ubuqiniso inqubo yokufakazela ubunikazi. Ukuze wenze kanjalo, umsebenzisi kufanele athumele imininingwane yakhe ebhizinisini lokufakazela ubuqiniso ukuze athole ukufinyelela.
Ukufakazela ubuqiniso kuvame ukubizwa ngokuthi yi-AuthN.
Umazisi kwenzeka lapho umsebenzisi ethi ungubani (njengegama lomsebenzisi). Ukufakazela ubuqiniso kwenzeka lapho abasebenzisi beveza ubunikazi babo.Kunezinhlobo ezahlukahlukene zokufakazela ubuqiniso:
Ngokuvamile, kunezinto ezintathu ezijwayelekile ezingasetshenziselwa ukuqinisekiswa:
Ukuqinisekiswa kwezinto eziningi kusetshenziswa okungu-2 noma ngaphezulu kwanoma iyiphi yalezi zindlela.
Inhloso yokuqinisekiswa kwe-Multi-factor ukufaka enye isendlalelo sokuvikela kunqubo yokufakazela ubuqiniso.
I-Single Sign-On (SSO) impahla evumela umsebenzisi ukuthi angene ohlelweni olulodwa, futhi athole ukufinyelela kuzo zonke ezinye izinhlelo ezihambisana nayo.
Isibonelo se-SSO kulapho ungena ngemvume ku-Google bese ukwazi ukufinyelela i-gmail, i-Google Amadokhumenti, i-Google AmaSpredishithi, ngaphandle kokuthi uphinde unikeze imininingwane yakho yokungena ngemvume.
I-Federation imane ivumela i-SSO kwizizinda eziningi. I-Google ne-Facebook bangabahlinzeki ababili abakhulu be-Federation.
Lokhu kuvumela abasebenzisi bethu ukuthi baqinisekise kumasistimu ethu besebenzisa izifakazelo zabo esivele zikhona nalabo bahlinzeki.
Amathokheni angaba yi-hardware noma isoftware futhi anikeze inqubo yokuqinisekisa ezungeze 'okuthile onakho'.
Amathokheni wehadiwe angaba “amakhadi ahlakaniphile” ongawasebenzisa ukuxhuma kwikhompyutha yakho ngesifundi sekhadi esinikeza ubuqiniso.
Amathokheni weSoftware angafakwa kunoma iyiphi idivayisi (isb. Ifoni ephathekayo) futhi asetshenziselwa ukwenza ikhodi yokudlula yesikhathi esisodwa.
Ukugunyazwa kuyinkqubo yokunquma ukuthi yibaphi abasebenzisi abangafinyelela kuziphi izinsiza ohlelweni.
Abasebenzisi babelwa noma banikezwa ukufinyelela kuzinsizakusebenza ezithile ngaphakathi kohlelo. Lokhu kufinyelela kuvame ukususelwa endimeni yomsebenzisi.
Lapho umsebenzisi eqinisekisiwe, lapho-ke bagunyazwa ukufinyelela izinsizakusebenza ezabelwe.
Okuhlobene:
Sidinga i-IAM ngezizathu eziningi:
Okokuqala, sidinga i-IAM ukuvikela amasistimu ethu. Asifuni noma ngubani ukuthi afinyelele kumininingwane yethu eyimfihlo noma eyimfihlo ngaphandle kokuthi afakazele ukuthi ungubani.
Okwesibili, sidinga ukuqinisekisa ukuthi abantu abagunyaziwe kuphela abangafinyelela kuzinsizakusebenza ababelwe zona.
Sidinga ne-IAM yokuphendula. Uma isenzo senziwe, sidinga ukwazi ukuthi ubani owenza leso senzo. Singabheka izingodo zesistimu ezinikezwe ubunikazi. Ngaphandle kwe-IAM, asinayo indlela yokwazi ukuthi ubani owenza isenzo sini.
Ezinsukwini zokuqala lapho abathuthukisi bakha izinhlelo zokusebenza ezazidinga ukuqinisekiswa komsebenzisi, kwakudingeka bakhe isitolo somsebenzisi ngaphakathi kohlelo ukuze bakhombe. Ngaphezu kwalokho onjiniyela bekufanele benze enye indlela yokufakazela ubuqiniso nezindima kanye nenjini yamalungelo.
Uhlelo lokusebenza ngalunye olusha ludinga lokhu kusethwa. Izinkinga ngalokhu ukuthi lapho indlela yokufakazela ubuqiniso kufanele iguquke, onjiniyela bekufanele bashintshe zonke izinhlelo zokusebenza ukubhekelela imfuneko entsha.
Sebenzisa indlela yokuqinisekisa yendawo kubuhlungu kubasebenzisi, abathuthukisi nabaphathi:
Kusetshenziswa Umhlinzeki Wobunikazi (i-IdP) kusombulula lezi zinkinga.
Indlela yesimanjemanje ye-Identity and Access Management isebenzisa imodeli yokufinyelela esekwe kusimangalo.
Ekufinyeleleni okususelwe kusicelo onjiniyela bathatha indawo yomqondo wokuqinisekisa kuhlelo lokusebenza ngomqondo olula ongamukela i-a Faka isicelo .
TO Ukwethemba Kumiswa phakathi kohlelo lokusebenza nomthombo wokufakazela ubuqiniso nokugunyazwa kuleli cala umhlinzeki wobunikazi noma i-IdP.
Isicelo sizokwamukela ngenjabulo isimangalo esithunyelwa kusuka ku-IdP.
Futhi uhlelo lokusebenza akudingeki ukuthi luphathe noma yimaphi amaphasiwedi ngoba abasebenzisi abakaze baqinisekise ngqo kuhlelo lokusebenza. Esikhundleni salokho abasebenzisi baqinisekisa kumhlinzeki wobunikazi odala isimangalo noma ithokheni yokufinyelela ethunyelwa kuhlelo lokusebenza.
Kusetshenziswa Umhlinzeki Womazisi kusho:
Ubunikazi inqubo yokunikeza ubunikazi obuhlukile kuwo wonke umsebenzisi ngamunye ukuze babonakale.