Abstract
To address the effectiveness and security problems of resource management that enterprises face when migrating to the cloud, a comprehensive identity management solution designed specifically for the private cloud is proposed. The solution approaches the problem from four angles: identity management, privacy protection, single sign-on and access control. For these it uses, respectively, data synchronization services, multiple-means authentication, the SAML 2.0 specification, and a combination of the XACML protocol with the RBAC model, achieving integrated, one-stop management of identity and access security in the cloud environment. By combining these techniques, the solution effectively addresses the security management risks enterprises face after migrating to the cloud and improves the efficiency of their resource management.
Source
Information Security and Communications Privacy (《信息安全与通信保密》)
2012, Issue 11, pp. 75-77, 81 (4 pages)
Keywords
private cloud
identity management
single-point log-on
access control
privacy protection