Internet Initiative Japan (IIJ) provides identity authentication/authorization such as single sign-on (SSO), access control and multi-factor authentication, as well as identity governance management such as inventory credentials and lifecycle management through the “IIJ Identity & Access Management System.” began to offer solutions.
According to the company, with conventional IDaaS (Identity as a Service) and identity management products, SSO is not possible due to restrictions on each service’s binding method, and it is possible to update each service collectively when updating user information such as joining or leaving the company or changing jobs. By combining the functions required for credential authentication/authorization and governance management, this solution will provide an environment capable of managing credentials in an integrated and simple way.
This solution can strengthen authentication security and credential governance by using functions such as cloud-based credential management service “IIJ ID Service”, which provides credential binding and SSO mechanism.
This will allow users to access all systems with a single login, which will greatly improve convenience. Additionally, multi-factor authentication can be implemented on any system, reducing the risk of unauthorized access in the event of an account information leak.
Usage Picture
The IIJ ID service uses SAML authentication and OpenID Connect for SSO, and cloud services and systems that do not comply with these can be combined with open source software for proxy authentication as an SSO function proxy authentication to allow on-premises authentication. Identifiers for systems, cloud services, etc. can be integrated.
By providing a credential governance management (IGA) feature that appropriately controls credentials and a credential provisioning feature that automatically mirrors credentials across various systems, we can centrally manage the credentials in use. , lifecycle management, authority management, etc. can be handled automatically correctly.
This will streamline the work of creating, deleting, and updating credentials that occur during personal events such as transfers, company entry and exit, and promotions, as well as deter unauthorized access. authorized by retirees, which is a major cause of information leaks. .
On the cost side, running costs have been reduced by combining open source software with the IIJ ID service, which is provided for a monthly fee of 200 yen per ID. In addition, maintenance costs such as support costs and server operation costs, which account for most of the monthly fees, are fixed costs, so even if the number of users increases, the increased costs can be minimized.
Sample configurations and reference prices (excluding tax) start at 800,000 yen per month for ID integration of existing systems and 1,000 users. Realization of SSO by IDaaS ・From 1.8 million yen for 5000 users. Integration of SSO and ID management functions ・Monthly fees start from 3.2 million yen for 8,000 users. The initial cost is estimated individually.
Read ZDNet Japan’s articles every morning via email (free registration)
Leave a Reply