由于资源构成的复杂多样性和用户群体的分布性、层次性及动态性,区域数字图书馆的访问控制要解决单点登录、远程访问和基于角色的访问控制3个问题。以基于角色的访问控制(RBAC)技术和基于SSL-VPN技术的访问控制模型为技术支撑,结合SSL-...由于资源构成的复杂多样性和用户群体的分布性、层次性及动态性,区域数字图书馆的访问控制要解决单点登录、远程访问和基于角色的访问控制3个问题。以基于角色的访问控制(RBAC)技术和基于SSL-VPN技术的访问控制模型为技术支撑,结合SSL-VPN的Site to Site虚拟组网功能构建的以区域数字图书馆门户为中心的区域联合门户系统模型,能够实现区域内各文献机构分布式资源的集中访问和单点登录。展开更多
Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via vario...Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.展开更多
文摘由于资源构成的复杂多样性和用户群体的分布性、层次性及动态性,区域数字图书馆的访问控制要解决单点登录、远程访问和基于角色的访问控制3个问题。以基于角色的访问控制(RBAC)技术和基于SSL-VPN技术的访问控制模型为技术支撑,结合SSL-VPN的Site to Site虚拟组网功能构建的以区域数字图书馆门户为中心的区域联合门户系统模型,能够实现区域内各文献机构分布式资源的集中访问和单点登录。
文摘Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.