信息安全研究 (Journal of Information Security Research) ›› 2021, Vol. 7 ›› Issue (E1): 106-.

• Outstanding Papers •

Trusted Endpoint Identity Authentication Solution

Chen Shijie (陈世杰); Yu Dan (于丹); Wu Yang (武杨)

  1. Tencent Technology (Shenzhen) Co., Ltd., Shenzhen, Guangdong 518049, China
  • Online: 2022-04-20  Published: 2022-04-22
  • Corresponding author: Chen Shijie. Has led information security programs for the Ministry of Public Security, the People's Bank of China, Sinopec and other organizations. Research interests: PKI/CA, IAM, zero trust. jermiechen@tencent.com
  • About the authors: Chen Shijie has led information security programs for the Ministry of Public Security, the People's Bank of China, Sinopec and other organizations. Research interests: PKI/CA, IAM, zero trust. jermiechen@tencent.com. Yu Dan, Master's degree. Research interests: digital identity authentication, API security, multi-factor authentication. dandyu@tencent.com. Wu Yang, PhD, member of the Blockchain Committee of the China Institute of Communications. Has published more than 10 papers (2 SCI-indexed) and led 3 international standards and 1 national standard. Research interests: information security, big data, blockchain. youngywu@tencent.com

Identity Access Management with Trusted Device Solution

Abstract (translated from the Chinese): The trusted endpoint identity authentication solution uses a digital identity authentication and management platform as its hub and trusted identity data as its core. Integrated with third-party endpoint security products, it dynamically associates endpoint information, identity information and application information. Combining a variety of secure authentication methods with a flexible access control model and a robust identity data management system, the solution performs dynamic, endpoint-bound identity authentication and redefines the enterprise trust boundary. Its main features are: 1) user information is the core record, with endpoint and application information linked to it, giving one-stop user lifecycle management; 2) complete identity data management capabilities which, together with a dual-track mechanism, allow an AD domain user data source that has security vulnerabilities to be replaced smoothly and transparently to users; 3) implementation of the national "domestically produced, independent and controllable" policy, with full integration into national Xinchuang (IT application innovation) systems; by delivering efficient and secure trusted identity authentication on the endpoint, it forms a complete Xinchuang endpoint security ecosystem.

Keywords: trusted endpoint, identity authentication, multi-factor authentication, dynamic access control, identity management, AD replacement

Abstract: The Identity Access Management with Trusted Device solution is built around the Digital Access Management Platform. With trusted identity data at its core, the platform integrates with third-party device security products to bind endpoint information, identity information and application information dynamically. Offering a range of secure authentication methods, the solution uses a dynamic access control model and a comprehensive identity management system to authenticate users dynamically according to device status. The solution redefines the security perimeter of an enterprise. Its main features are as follows: 1) User identity information is the core record; device information and application information are bound to it, so that full user lifecycle management is handled from one console. 2) Full identity management capabilities, combined with a two-way synchronization mechanism, allow an AD domain that carries security risks to be replaced smoothly and transparently as the user data source. 3) In line with the "domestically made, independent and controllable" policy, the solution works with systems created under the China Information Technology Innovation (Xinchuang) program; by providing efficient and secure authentication based on trusted devices, it forms a complete ecosystem built on domestically made, innovative information technology devices.
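Both abstracts describe the central idea, device-status-dependent authentication in which endpoint posture, identity and application are evaluated together, without giving an algorithm. The following Python snippet is an added illustration of that idea and is not the authors' or Tencent's code; the posture schema (`DevicePosture`), the three sensitivity levels, the 15-minute freshness window and all sample users, devices and applications are constructed assumptions for the example. It shows the order of checks a practitioner would want: account state first, then the identity-to-device binding, then group entitlement, and only then the device posture, which decides whether a single factor is enough, whether a second factor must be demanded, or whether the request is refused outright.

```python
"""Device-bound dynamic access decision (illustrative example, not the paper's code)."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import FrozenSet, Tuple


class Decision(Enum):
    ALLOW = "allow"
    STEP_UP = "step_up_mfa"  # first factor accepted, a second factor is required
    DENY = "deny"


@dataclass(frozen=True)
class Identity:
    user_id: str
    enabled: bool
    mfa_enrolled: bool
    groups: FrozenSet[str] = frozenset()


@dataclass(frozen=True)
class DevicePosture:
    """Posture as reported by a third-party endpoint agent (assumed schema)."""
    device_id: str
    enrolled_user: str       # identity the device was bound to at enrolment
    agent_healthy: bool      # agent is running and reporting
    disk_encrypted: bool
    policy_compliant: bool   # vendor checks (patch level, AV, ...) passed
    reported_at: datetime


@dataclass(frozen=True)
class Application:
    name: str
    sensitivity: int         # 0 = public, 1 = internal, 2 = restricted
    allowed_groups: FrozenSet[str] = frozenset()


POSTURE_MAX_AGE = timedelta(minutes=15)  # assumed: older reports count as unknown


def device_trusted(device: DevicePosture, now: datetime) -> bool:
    """A device is trusted only if its posture is fresh and every check passes."""
    fresh = now - device.reported_at <= POSTURE_MAX_AGE
    return fresh and device.agent_healthy and device.disk_encrypted and device.policy_compliant


def evaluate(identity: Identity, device: DevicePosture, app: Application,
             factors_presented: int, now: datetime) -> Tuple[Decision, str]:
    """Return the access decision and the reason it was reached."""
    # 1. Identity gate: a disabled account never proceeds, whatever the device says.
    if not identity.enabled:
        return Decision.DENY, "identity disabled"
    # 2. Identity-device binding: the device must be enrolled to this user.
    if device.enrolled_user != identity.user_id:
        return Decision.DENY, "device not bound to this identity"
    # 3. Identity-application binding: group-based entitlement.
    if app.allowed_groups and not (identity.groups & app.allowed_groups):
        return Decision.DENY, "user not entitled to application"
    # 4. Device posture decides how strong the authentication has to be.
    trusted = device_trusted(device, now)
    if app.sensitivity >= 2:
        if not trusted:
            return Decision.DENY, "restricted application requires a trusted device"
        if factors_presented >= 2:
            return Decision.ALLOW, "trusted device, two factors presented"
        if identity.mfa_enrolled:
            return Decision.STEP_UP, "restricted application requires a second factor"
        return Decision.DENY, "MFA not enrolled"
    if app.sensitivity == 1 and not trusted:
        if factors_presented >= 2:
            return Decision.ALLOW, "untrusted device compensated by second factor"
        if identity.mfa_enrolled:
            return Decision.STEP_UP, "untrusted device requires a second factor"
        return Decision.DENY, "untrusted device and MFA not enrolled"
    return Decision.ALLOW, "trusted device or public application"


# Constructed sample data for a stand-alone run.
NOW = datetime(2022, 4, 20, 9, 0, tzinfo=timezone.utc)
ALICE = Identity("alice", True, True, frozenset({"finance"}))
BOB = Identity("bob", True, False, frozenset({"eng"}))
LAPTOP_OK = DevicePosture("lt-001", "alice", True, True, True, NOW - timedelta(minutes=2))
LAPTOP_STALE = DevicePosture("lt-001", "alice", True, True, True, NOW - timedelta(hours=3))
LAPTOP_NOENC = DevicePosture("lt-002", "bob", True, False, True, NOW - timedelta(minutes=1))
WIKI = Application("wiki", 0)
TICKETS = Application("tickets", 1)
PAYROLL = Application("payroll", 2, frozenset({"finance"}))

if __name__ == "__main__":
    for who, dev, app, n in [(ALICE, LAPTOP_OK, PAYROLL, 2), (ALICE, LAPTOP_OK, PAYROLL, 1),
                             (ALICE, LAPTOP_STALE, PAYROLL, 2), (BOB, LAPTOP_NOENC, TICKETS, 1),
                             (BOB, LAPTOP_OK, WIKI, 1)]:
        decision, reason = evaluate(who, dev, app, n, NOW)
        print(f"{who.user_id:5} {dev.device_id} {app.name:8} -> {decision.value}: {reason}")
```

The stale-posture case is the one worth noticing: a device whose last report is older than the freshness window is treated as unknown rather than as still trusted, so a restricted application is refused even with two factors. That is what "dynamic" buys over a one-time device check at login.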

Key words: trusted device, identity authentication, multi-factor authentication, dynamic access control, identity management, Active Directory (AD) replacement