Mobile Communication 4A certification audit system

Project background

With the development of mobile communication services, various types of information systems continue to increase, and has brought new problems to the information security management. Faced with the problems of numerous business systems, personnel change frequently, user name and authorization management un-electronics, the lack of centralized system audit and unable to do comprehensive analysis, mobile communication needs to establish 4A management systems in the province business system to achieve the unified account management, authentication management, authorization management and integrated audit management. Establish 4A management platform for mobile business support system, network management support system and enterprise informatization system to realize accounts centralized management, centralized authentication and authorization, and comprehensive audit for their own systems and applications within the jurisdiction, and establish a unified management platform in provincial centers, to form a secondary management structure.

Our services

Account Management of 4A

There is main account and subsidiary account in 4A specifications. The main account is for natural person and now mainly is the network access controlling system account. Subsidiary account is for resources and facilities, and mainly refers to the account used when person logging device or applications, so in the 4A platform, it needs to create two management modules: the main account management module, and the subsidiary account management module.

Authorization management of 4A

We do the main account management and subsidiary account management in "4A's Account Management", and the main account and subsidiary account need to be associated through resource facilities. The purpose of authorization is to enable authorized individuals to log on those devices and use the subsidiary account on the corresponding device, thus creating a three correspondence system of "main account - subsidiary account – device". At the same time, it provides the corresponding association list for authorization.

Authentication management of 4A

The legitimacy of the 4A authentication needs to check if it is legitimate of three main elements: the main account, the subsidiary account and the authorization. The unified authentication system is the base for 4A platform construction. Therefore, abandon local certification and use the third-party certification model. On the current circumstances, the third-party certification includes Raduis, LDAP, SMS, etc., so 4A platform provides certification transiting stations, which is fully compatible with the third-party certification.

Security audit of 4A

Security audit mainly records all operation acts of users in device and the current audit information sources can be divided into three categories:

Network audit equipment: restructure the transmission data packets on the network, and obtain the user's operation information through protocol resolution.

Fort Jump devices: if users want to log on the target device, you must first log on fort jump device, and then jump to target device through fortress to operate. Fort jump can record all operating information of users.

Target device log: Most of devices support logging methods to save the user's operation.

Nine elements of the audit:"time, a natural person, the main account number, terminal IP, purpose IP, subsidiary account, audit events, audit level and the auditing revisit ".

Customer benefits

4A refers to centralized account management, authorization management, authentication management and security audit management. 4A management system plays an active role in improving IT system management for more telecommunications customers.