Solutions
-
Background
The Guidance of the State Council on Accelerating the Construction of National Integrated Online Government Services Platform (Guo Fa [2018] No. 27) proposes to build a unified identity authentication and promote the integration of public support, and the "Digital Government" Construction Master Plan Implementation Plan (2018-2020) (Guo Fa [2018] No. 48) proposes to strengthen business application support and promote the application of standardized and unified services for unified identity authentication services.
-
Value
Many cases show that information leakage often comes from the inside, and the online application data of the Exit-Entry Government Service Network of Guangdong Provincial Public Security Department has also been leaked. Due to the error of the permission control of this function, ordinary users can bypass the login link and directly access the background to check the data. All users who submitted online applications on this website have been leaked.
-
Solution
Following the principle of "unified planning, unified standards, unified platform, and unified management", build a credible digital identity empowerment center (IAM platform), integrate and enhance the basic resources of e-government, improve the supporting system of "Internet + government services", and realize the interconnection and interoperability of digital identities of users under its jurisdiction by docking with business systems at all levels.
-
Cases
Shenzhen Longgang District Government and Pingshan District Government join hands with Bamboocloud to build an intelligent identity security management platform, break down departmental barriers, realize data sharing, business collaboration, assist the government in intelligent decision-making and provide accurate government services.
Sore Points
-
Lack of government user identity management capabilities
01/1. The identity of government personnel is real-name, and one person has multiple accounts.
2. Failure to synchronize data with the editorial office and other agencies, forming identity silos.
3. Identity data update lags behind and doesn't have authority.
4. Incomplete coverage of personnel who using the information system, without including temporary staff, temporary staff, etc.
-
Hidden risks in public user identity security
02/1. Unable to provide a unified security capability, and each system is constructed with separate consideration of security guarantees such as customer identity and access, with different levels of protection and repeated work.
2. limited support for public users to access government services securely and quickly by using social accounts, fingerprints, face recognition, etc.
-
Scattered permissions management
03/Scattered authority management, lack of unified job authority definition system and standard authorization.
-
Lack of refined management
04/Not enough understanding of the public's needs, not enough service to enterprises, not yet fully citizen-centric. Smart government is a breakthrough in the upgrading and development of e-government, and is an inevitable product of the government's move from "management-oriented" to "service-oriented and intelligent".
IAM can effectively solve pain points
Based on the IAM architecture of Bamboocloud, a comprehensive unified authentication platform solution is built, and an overall solution including authentication management, application management, single sign-on, session management, access control, and security audit is designed to improve hospital service quality, reduce user acquisition costs, improve user experience, and assist in formulating unified authentication management standards of banks, laying a solid foundation for the development of new channels and new businesses.
Values
-
Avoid the security backdoor brought by identity accounts
Realize the automatic control for the whole life cycle of electronic identity of users in different latitudes, which can realize the control of business scenarios where multiple people share one account, clarify specific users and strengthen security monitoring.
-
Strengthen the core business system permission control
Strengthen the permission control of core business systems, and make clear hierarchical authorization and permission approval for all kinds of permissions, which can not only avoid the abuse of permissions brought by human operations, but also carry out real-time auditing and post-event traceability.
-
Enhance core system access security
Realize biometric identification such as face, fingerprint and voice print to enhance the security of access, and realize Ukey locking window system. Secure access to core business data by enhancing the identity verification strength of the core application system.
-
Audit all operations with traces
Record the important operations of each user (user login, user logout, adding, modifying, deleting key data), and perform statistics, query, analysis and audit report generation on log audit data.
Integrated Apps
