Identity and Access Management (IAM)

Module Introduction

SiCAP Identity and Access Management (IAM) is built on the design concept that an enterprise maintains only one organizational structure, uses only one user identity management system, and uses only one user authentication system. Through functional modules such as identity governance, authority governance, trusted authentication, and audit and risk control, it builds a unified identity management system for users, provides visual control over the user's whole lifecycle, and meets the needs of unified identity management, unified authority management, unified authentication management, security auditing and risk control.

Feature Description

  • Unified Account Management
    Builds a unified user management system with one organization, one set of personnel and one master account (ID); supports account collection management and two-way synchronization with each application system, simplifying user and account management and reducing the security risk of system management. Builds a digital identity around each user, integrating the account information from each system to manage the whole life cycle of the user's identity in one place. Identity management specifications can be defined at the global, organizational and account levels, with different account policies and password policies set flexibly. The account system is built jointly and interoperates with other systems, supporting data access from HR, OA, ESB, LDAP and other sources. Organization attributes and personnel attributes can be customized to meet individual needs.
  • Unified Application Management
    Application access security, secret key and API management; application integration over multiple protocols: OAuth2, CAS, OpenID, SAML, JWT, RESTful; flexible configuration of application interfaces and data calls; application data collection and distribution.
  • Unified Authority Management
    The platform's own permissions are based on role plus organization-hierarchy visibility, giving fine-grained control of menu-level and data-level permissions. Application permission management supports dynamic authorization of applications by organization, position, user group and user. Role permissions can be customized and dynamically allocated. All resource accounts are authorized and controlled centrally, with multi-dimensional matching of master and slave accounts and fine-grained allocation. Permission compliance checking verifies that permissions are compliant.
  • Unified Authentication Management
    Supports password authentication, RADIUS authentication, LDAP authentication, AD domain authentication, SMS authentication, dynamic token authentication, cell phone token authentication, certificate authentication and other authentication methods. Supports two-factor authentication and system-wide hybrid authentication; different login authentication modes can be set for different security levels. Supports external authentication systems. Provides single sign-on (SSO).
  • Security Audit Log
    User operation logs, account login logs, authentication logs, data synchronization logs and other logs are managed centrally and audited comprehensively, so that security-related problems are discovered promptly and user behavior auditing, authentication auditing and API auditing are covered.
  • Comprehensive Risk Control
    Provides ex-ante prevention through flexible configuration of system-level and application-level risk policies. Supports intelligent identification of abnormal access behavior based on users' access habits, across time, location, behavior, device and other dimensions. Provides in-process control: a triggered risk control policy applies one of several risk control measures, including blocking, secondary authentication, release and alerts. Provides a whitelisting mechanism, with system-level and application-level whitelists. Supports trusted browser management: logging in from a non-trusted browser triggers the risk control rules. Supports session management, including logging out abnormal online sessions.
  • Unified Portal Self-Service
    Identity management is process-oriented: a self-service center lets users update their own information, apply for accounts and handle other process-based tasks. Integrates with external processes to provide a unified authentication portal. Supports visualization of application access rights. Supports account self-registration and password reset. Supports self-service requests for business processes such as on-boarding, off-boarding, permission requests, post transfers and job transfers. Supports visual display of requests so that processing progress can be tracked in real time. Supports detailed approval history and process notifications.

Module Characterization

Unified Management: one organization, one identity management system, one authentication management system.

Flexible Authorization: single-user authorization and dynamic authorization based on organization, position and user group.

Multi-authentication: flexible settings for multiple authentication methods and support for single sign-on (SSO).

Security Compliance: risk management, personal information protection, encrypted data transmission and storage.

High Availability: master control cluster deployment, distributed deployment of functional modules to meet high-performance requirements.

Easy to Expand: microservice architecture, flexible on-demand dynamic expansion.

Typical Case

● One of the three largest operator groups in China

As informatization has progressed, the Group has accumulated more and more business applications, and managing application permissions day to day has become inconvenient and prone to security risks. The large number of employees makes identity management and operations costly. Employees have to use different accounts and passwords to access applications in their daily work, which seriously affects the user experience and the efficiency of business collaboration. Scattered application management and fragmented information make compliance auditing inconvenient. In response to these needs, Suninfo Information Technology Co., Ltd provided the Identity and Access Management (IAM) module of the InforCube Security intelligent CA Platform (SiCAP), which delivered the following for the customer:

  • Centralized resource management: unified application system management and centralized management of multiple application access methods.
  • Centralized identity management: a unified user management system with centralized account definition, centralized maintenance and unified authentication.
  • Unified authorization management: a unified authority management model that is highly adaptable to each application system and supports single sign-on.
  • Risk control: flexible setting of risk control policies, intelligent identification of abnormal access behavior, and improved security risk control capabilities.
  • Audit management: comprehensive account security and user behavior auditing to help enterprises quickly meet compliance audit requirements.
  • Process management: standardized process management, with self-service requests and automated processing that simplify work and improve efficiency.

● A well-known manufacturing enterprise

With rapid industrialization and economic development, China's manufacturing industry has grown quickly, moving from "Made in China" to "China Smart Manufacturing" and then to "Big Country Smart Manufacturing". As enterprise information systems and the number of internal users continue to increase, identity management and access control in manufacturing enterprises face great challenges: non-unified identity management, decentralized permission management, complex login authentication and increased security risks have become more and more prominent and urgently need to be solved. Suninfo Information Technology Co., Ltd. conducted an on-site inspection of the enterprise's environment, discussed the current situation and pain points in depth with the customer, and then adapted the Identity and Access Management (IAM) module of its self-developed InforCube Security intelligent CA Platform (SiCAP) to the customer's environment and needs. This quickly helped the customer build a unified digital user management platform, improved digital authentication for the business systems, delivered fine-grained privilege control for business applications together with real-time monitoring and risk protection of user accounts, provided comprehensive and standardized integration specifications for user authentication management, and brought in self-service and automation across the board.



