Identity and Access Management
(WorldData IAM V9a)
Identity and Access Management is installed on network platform (internet or intranet), providing Single Sign On (SSO) service for all softwares surrounding the integration service platform, and offering Single Log Out (SLO) as well. WorldData IAM V9a also provides authorization service for those such softwares and for systems that use single sign on via the software.
WorldData IAM V9a supports several User Stores, offers features including: user registration, user management, user session management, user session statistics and report.
Centralized authorization: Support the authorization of access to applications according to the role of each user, to web services (Web Service). Authorize users to manage applications in the system.
Centralized management: Provide a platform to effectively and powerfully manage access, manage access to services in the system, and manage access to software connected to the system.
Monitor access, report on accesses to systems.
General centralized authentication: Support flexible one-time login and dynamic configuration with the trusted systems such as Facebook, Google.
Support single logout and single sign-on with dynamic attributes of system users.
- Authorize users to access to services upon corresponding roles
- Authorize users to manage applications in the system.
- Authorize users upon specialized roles in each system without separate authorizations on systems
- Support permission checks before access.
Single sign-on, Single logout
- Single sign-on with SAML2, OpenID connect and other standards.
- Single logout with the SAML2 standard between single sign-on applications through the system.
- Single sign-on with external authentication systems such as Facebook, Google, Microsoft Office 365, Microsoft Sharepoint, Microsoft Dynamics and Microsoft Exchange.
- Licensing, SLO, and cloud synchronization with Microsoft Office 365
- SSO between on-premise and cloud-based applications, support heterogeneous SSO protocols (bridging identification).
- Manage system of single authentication service providers (SP) and identity providers (IDP).
- Support Google ReCaptcha.
Strong adaptability and authentication
- Authenticate based on contexts through user attributes, user behaviors, user risk profiles, requested parameters and machine learning algorithms.
- Support multi-option/multi-step authentication, integrated Windows Authentication (IWA) with Kerberos, X.509 authentication, digital signatures.
- Manage user rights
- Support role-based access control (RBAC)
- Control access based on detailed policies, Extensible Access Control Markup Language (XACML) 2 .0 / 3.0.
- Explore policy implications before publishing policies to runtime using trial tools.
- High-performance network protocol (via Apache Thrift) for Policy Execution Point/Policy Decision Point (PEP / PDP).
- Support dynamic configuration for XACLM standards.
- Integrate with integrated inter-platform software for authentication and authorization of REST or SOAP services.
- Monitor login and working sessions.
- Monitor user login/login session.
- Terminate the user's login session.
- Real-time security alerts for suspicious login activities and unusual sessions.
- Integrate the collection and monitoring of performance statistics and standard access.
Flexible administration and development of systems
- Light, friendly to developers and easy to deploy.
- Divide in clusters to deploy, high availability.
- Support deployment of on-premise, cloud servers without changing configuration.
- Complete SOAP API for integration or embedding in any application or system.
- Support modules and combine with many user management stores at the same time such as LDAP, AD, JDBC.
Technical solutions used
- Database: MySQL, SQL Server, PostgreSQL
- Operating system: Ubuntu Server 18.04 x64
- CPU: 8 CPU cores
- Ram: 16GB
- Disk: 500GB
- OS: Ubuntu Server 18.04 x64
To learn about the price, contact us here.