Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Task description
Generally, the task of authentication in PAM can be stated as follows. It is necessary to provide for an opportunity of multi-factor user authentication before a user gains privileged access to the system.The solutions of Privileged Access Management class allow to eliminate explicit usage of passwords for privileged accounts and to grant administrators with rights to use the said passwords at certain resources granularly. Another problem to solve in the aspect of privileged access is reliable authentication of administrators. An administrator must unambiguosly authenticated before he or she is allowed to use privileged session. This task can be solved with two-factor authentication of PAM users.
Solution
To solve the task, the Indeed Privileged Access Manager (Indeed PAM) software suite uses an authentication server. The Indeed PAM authentication server has the following features.
PAM user authentication
- This stipulates for two-factor user authentication with password and OTP (One-Time Password).
- There also should be an option of integration to Indeed Access Manager in order to delegate the user authentication procedure to the latter.
General architecture scheme of Indeed PAM to solve the authentication task is given below:
Image Added
| Backtotop | ||||
|---|---|---|---|---|
|
...