Unified security management system and identity authentication method

Abstract

The invention discloses a unified security management system and an identity authentication method. The system comprises a security management portal and a security management center, the security management center further comprises a centralized authentication service, a remote user dialing authentication service, a program account interface and a one-time password service; the remote user dialing authentication service is used for forwarding an authentication request of a host to the centralized authentication service for centralized authentication; and the program account interface and the one-time password service are used for distributing one-time access passwords for the application programs when the application programs log in the host, and the one-time password service is further used for providing the one-time access passwords for the centralized authentication service for identity authentication. Therefore, according to the scheme of the invention, based on the transformed 4A system, the security of the host can be improved, the software complexity is reduced, the user information leakage is effectively prevented, and the possibility that a password is cracked is avoided.

Description

technical field [0001] The invention relates to the technical field of identity authentication, in particular to a unified security management system and an identity authentication method. Background technique [0002] Under the Linux system, there are currently two authentication methods for the remote login system: password authentication and key authentication. figure 1 A schematic diagram of the authentication process of two commonly used Linux authentication methods is shown. Such as figure 1 As shown, the password authentication method is a traditional security strategy. By setting a relatively complex password, it can protect the system security to a certain extent, but it also faces some other problems, such as password brute force cracking, password leakage, Lost passwords, etc. At the same time, passwords that are too complex will also cause a certain burden on the operation and maintenance work. [0003] And, key authentication is a new type of authentication. ...

AI Technical Summary

Problems solved by technology

[0006] First, for an organization with hundreds or even more host systems of various types, adopting decentralized password management will bring huge management overhead and security risks;

[0007] Second, the existing applications all write the host account and password in the program or configuration file. Every time the password is changed, the program side must cooperate with the synchronous modification, otherwise the program will be called abnormally, which will easily cause password leakage and failure. Regularly reset the password; moreover, due to differences in program providers, old versions, personnel updates, etc., there are problems such as high risk and heavy workload every time the password of the program account is changed;

[0008] Third, in the existing authentication methods, the strength of authentication is too low, and the probability of the host being attacked is high

Images