Unified access management platform
Protect the enterprise application authentication and access security
BAM
  • Inconsistent access system standards

    Inconsistent access system standards

    Each application authentication system of the enterprise is built separately, without a unified standard that meets the security requirements of the enterprise, and the level of professionalism and reliability varies, which is easy to form a security short board.


  • Single authentication method and weak authentication strength

    Single authentication method and weak authentication strength

    Many applications still use the static password for access authentication, which is easy to produce weak passwords, easy to crack, easy to leak, and has high-security risks.


  • Worse user experience

    Worse user experience

    Users memorize multiple sets of account passwords, which are easy to forget. They need to remember multiple application access entrances and make multiple logins, which is inefficient; it is difficult to experience the security and convenience of access experience brought by biometric and multifactor authentication.


INTRODUCTION

BAM

Bamboocloud Access Control Platform BAM establishes unified authentication and access control capabilities for enterprise applications. Products aim at enterprise user and application system integration to achieve unified authentication, unified authorization and access control while integrating strong authentication, session auditing and centralized management functions. Access control can be performed for various operations such as internal user application access and administrator maintenance. The platform provides a variety of authentication methods such as username password, cell phone OTP, digital certificate, SMS, dynamic e-token, etc., and supports many security authentication protocols, including SAML, OAuth, etc. The unified authentication platform can greatly reduce the time cost of users in the identity authentication link and simplify the login process.


FEATURES

BAM
  • Intelligent risk control

    Built-in risk detection integration module, relying on the risk detection results, timely discover the risks in the authentication and access process, dynamically adjust the authentication security level and access strategy, and effectively intercept illegal access.

  • Automatically enabling on one access

    After the application is connected to the system once, the extension, change and removal of each application authentication mode are all enabled and recycled by the platform with one click, so that the application can be transformed with zero impact.

  • Establishing a secure access system rapidly

    Help enterprises to build a unified authentication and access control platform, establish an access security system that meets the security requirements of enterprises and industries, and provide unified authentication and access control services for various applications of enterprises.
  • Pre-integration of many authentication services

    The product integrates a variety of mainstream authentication capabilities and third-party authentication services, including traditional authentication methods, biometric authentication methods, third-party authentication services for enterprises, social authentication services, etc. At the same time, it has flexible expansion capabilities, which can rapidly expand new authentication capabilities in the platform.
  • Fast access application

    The product supports various application integration modes, and enterprise applications can choose the appropriate mode for quick access according to their own conditions; At the same time, after long-term accumulation, the products are integrated with commercial software commonly used in various industries, and the same software application can realize zero workload access.

  • Organizing management strategy

APPLICATION SCENARIOS

BAM
  • Unified access portal

    01

    Provide a unified login portal and centralized navigation for various applications to achieve a set of account system login and network-wide access to improve user experience and access efficiency.


  • Manage authentication and access policies

    02

    Set security levels according to the positioning of various applications, flexibly configure authentication methods and access policies, and support multiple authentication methods serially or in parallel.


  • Full-scene single sign-on

    03

    Support single sign-on between B/S applications, B/S and C/S applications, different browsers, native and cloud applications, cooperative enterprise applications, support network access, application single sign-on after VPN access and PC login, etc., to truly realize single sign-on for various scenarios.


  • Rich access modes

    04

    Support mainstream standard authentication protocols such as OAUTH, SAML, OPENID, CAS, Radius, etc., support development modes such as RESTful API, SDK, interceptor, etc., support token modes such as JWT, LTPA, AMToken, etc., and support other modes such as docker agent, form proxy filling, etc.


  • Multifactor authentication capability and extension

    05

    The authentication capability supports traditional authentication methods, including password, certificate, SMS, biometric authentication methods, including fingerprint, voiceprint and face, third-party authentication services ,including AD, Dingtalk, Enterprise WeChat, social authentication services, including QQ and WeChat, etc., Also, it supports the rapid expansion of other authentication methods.


  • Unconscious login

    06

    Through face recognition and other biometric authentication technologies, users can automatically log in to the system before coming to PCs and other devices without performing manual login operations, It also automatically locks the screen after the user leaves, which is an excellent embodiment of authentication technology balances security and convenience.


ARCHITECTURE

BAM

Provide unified authentication and access control services, quickly establish a safe and reliable access management mechanism for various applications of enterprises, reduce the security risks such as illegal access and data leakage of enterprise resources, and greatly improve the convenience of users on the basis of security.BAM.jpg

ADVANTAGES

BAM
  • Integrativeness

    Support SDK and RESTful integration methods. Independence of the authentication business ensures non-intrusive and fast integration of applications.


    Integrativeness
  • Openness

    1. Application-oriented openness. the SAML and OAuth RESTful interfaces simplify the complexity of application integration.

    2. Support RESTFul, SDK, proxy and other integration methods to facilitate rapid application docking.


    Openness
  • Scalability

    The platform supports the extension of custom interfaces to meet business needs and ensures the system's flexibility; at the same time, it can smooth expansion. The platform ensures the scalability of computing capacity from the architecture and ensures the stateless characteristics of each system through unified and centralized management of user sessions.


    Scalability
  • Security

    It supports multiple access control methods, fine-grained access authorization, the configuration of authentication policy and secondary interception mechanism based on authentication chain ,and records system-wide security and system audit information to effectively analyze the daily operation and security event data of the whole system.


    Security