Исследование особенностей организации систем единого входа. Часть 2: Организация единого доступа в подсети

Abstract

Предлагается технологическое решение задачи идентификации пользователей при их доступе к мультисервисным системам. Показывается, что решение может привести к снижению количества применяемых адаптивных (интеллектуальных) методик процесса IAM в современных ИТ-платформах. Акцентируется внимание на том, что предлагаемый подход актуален для решения проблемы гипер-подключенности в подсетях, для которых характерно большое количество данных, устройств и пользователей.

It is proposed technological solution to authenticate users when they access to multi-service systems. It is shown that the solution can reduce the amount of applied adaptive (intelligent) techniques process IAM in modern IT platforms. Attention is drawn to the fact that the proposed approach is relevant for solving the problem of hyper-connections in the subnets, which are characterized by large amounts of data, devices and users. It is noted that the decision is consistent with trends empowerment IAM, does not contradict them, and can be coordinated with the existing technological standards. Proposals to create a model system to identify and provide access to the SSO. It is shown that the model can be adapted to the characteristics of modern service structures. Consider the possibility of providing digital functions of the state in the online segment. It is noted that these functions belong to the identification and authentication of users when they access to public cloud structures. A model is proposed to identify and provide access to the service subnets "cloud" type SSO due to "cross-cutting" calculations using adaptive identification techniques. The model can be used to provide SSO. Taken into account that subnet are a special case of a broader class of systems as converged infrastructure means "seamless" architecture.