内容发布更新时间 : 2024/5/19 6:16:53星期一 下面是文章的全部内容请认真阅读。

IAM 账号管理和应用单点登录平台简介

Tivoli Identity Manager

自动化地管理用户角色、身份和访问权的生命周期

IBM Tivoli Identity Manager 是自动化的基于策略的用户配置解决方案，能够跨 IT 基础架构管理用户角色、身份和访问权。这一安全的身份管理软件易于部署和使用，能帮助各大组织更轻松地遵守法规、管理风险，以及进行安全协作。。 Tivoli Identity Manager 可通过自动化、用户自助服务和其他创新来节省成本和提高生产力。

? ? ? ? ?

自动管理整个用户生命周期（从注册到终止）的角色、帐户和访问权。这可减少间接成本并消除人工错误。

通过预配置策略和模板加速新应用程序应用和用户注册。该软件可在数分钟而不是数天内为新用户提供所需资源。 提供自助服务界面，以便用户自行修改密码和个人信息。这可减少帮助热线成本并增加 IT 员工的效率。

建立职责分离以增强安全性与合规性。它结合各种需求，防止业务与管理用户访问权的角色和配置策略之间产生冲突。

通过定期纠正工作流程来纠正和去除不合规的访问权，或者通过基于角色的访问控制策略来自动纠正和去除不合规的访问权。这一强大的功能可提供精密的、对审计人员友好的详细信息，以展示合规性。

Easily automate lifecycle management of user roles, identities and access rights

Tivoli Identity Manager helps automate the creation, modification, and termination of user privileges throughout the entire user lifecycle Operational role management helps bridge the gap between how business users view their IT resources and the actual IT implementation of user access rights

? Role hierarchy helps to simplify and reduce the cost of user administration by enabling the use of an organizational role structure

? Separation of duties can strengthen security and compliance by creating, modifying, or deleting policies that exclude users from membership to multiple roles that may present a business conflict

?

User recertification enhancements simplify the attestation process while expanding the means to manage compliance. Recertification of a user’s roles, accounts, and groups in bulk fashion enables managers to make yes/no decisions on a user’s access rights in a single submission

? Group management helps simplify and reduce the cost of user administration with the ability to add, remove, or change the attributes of a group within Tivoli? Identity Manager

? Comprehensive request-based provisioning for requesting and

approving user access to roles, accounts or fine-grained access entitlements such as shared folders and Web portlets

? Features a user interface tailored to specific types of users (auditors, managers, administrators, and more) and is highly customizable

?

Features, advantages and benefits

Advantages Benefits

Automates the implementation of

Quickly connect users to Embedded

administrative requests on the environment,

appropriate resources while provisioning engine

and provides universal connectors for

reducing administration and universal

extending the management model to

workload integration tools

support new and custom environments Enables users to perform password resets, Helps reduce help-desk costs password synchronization, and and ease the burden of daily

Self-service interfaces

modification to personal information administration on help-desk without administrative intervention and IT staff

Demonstrate enforcement of

Detects and corrects discrepancies between

internal controls to auditors Closed loop user

approved account access and local

and eliminate orphan or over provisioning

privileges

privileged accounts

Establishes formal process for

Provides ongoing certification process on

validating access and

whether user access is still valid and allows Access recertification

facilitates critical compliance

for automated remediation of access

requirement

Enables automated assignment of user Reduces cost of manual

administration and enhances Role management access rights via static, hierarchical and

dynamic roles visibility of user access

Mitigates risk and enhances

Prevents user access conflicts within

security by preventing user Separation of duties

organizational processes

access conflicts up front

Centralizes the creation, modification and Accelerates configuration of

Group management

deletion of groups user administration Enables administrators to produce reports Quickly produce reports for Auditing and

Features

Benefits

internal audits and ensuring regulatory compliance Implement and modify

Provisioning policy Simulate impact of provisioning policy on

provisioning policies more

impact simulation user accounts before committing changes

quickly and accurately Consistent security implementation across the

Centralized Web Centralizes the definition of users and

organization while simplifying

administration provisioning of user services

management through a single interface

Enables grouping of users according to

Role and rule-based

business needs and delegation of Helps reduce administration

delegated

administrative privileges along costs

administration

organizational and geographical boundaries

Features reporting mechanisms

Advantages

on who has access to what