{"title":"在it环境中提供特权访问控制和管理的解决方案的比较分析","authors":"O. Romaniuk, P. Skladannyi, Svitlana Shevchenko","doi":"10.28925/2663-4023.2022.16.98112","DOIUrl":null,"url":null,"abstract":"Abuse of privileges in the IT environment is defined as one of the threats to the information assets of the business at the present stage. The article examines and analyzes these problems, which are closely related to the leakage of information due to legitimate access to it and / or unauthorized access to it. Reports, research, acts, surveys at various enterprises contain a large amount of analytical and statistical materials that confirm the relevance and importance of this work. Based on the scientific literature, a review of key definitions on this issue, namely: characterized the definition of \"privileged access\"; the main examples of privileged access in the IT environment are considered; describes the risks and threats of information from attack vectors associated with privileged access to the IT environment. The mechanism for control and management of privileged access - RAM is presented, the steps of this process are highlighted and its expediency is substantiated. Experimental techniques allowed to choose the most applicable solutions of RAM: WALLIX Bastion PAM, One Identity Safeguard PAM, CyberArk PAM. The essence and functionality of each of these solutions are revealed. The advantages and disadvantages of each technology are established. As a result of research of technical and functional characteristics the comparative analysis of data of three decisions is carried out: obligatory components of the decision on control and management of privileged access are the manager of passwords and the manager of sessions (sessions), and additional - the module with analytics of privileged sessions and the access manager. use a VPN to access privileged assets. It can also be noted that the functionality of all products is very similar, so the implementation plays a big role, namely the practical approach during operation, internal algorithms, additional opportunities for integration and innovation. PAM solutions are recommended for organizations as a means to mitigate information security risks and threats due to insider activities of company employees who have privileged access to the IT environment.","PeriodicalId":198390,"journal":{"name":"Cybersecurity: Education, Science, Technique","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"COMPARATIVE ANALYSIS OF SOLUTIONS TO PROVIDE CONTROL AND MANAGEMENT OF PRIVILEGED ACCESS IN THE IT ENVIRONMENT\",\"authors\":\"O. Romaniuk, P. Skladannyi, Svitlana Shevchenko\",\"doi\":\"10.28925/2663-4023.2022.16.98112\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abuse of privileges in the IT environment is defined as one of the threats to the information assets of the business at the present stage. The article examines and analyzes these problems, which are closely related to the leakage of information due to legitimate access to it and / or unauthorized access to it. Reports, research, acts, surveys at various enterprises contain a large amount of analytical and statistical materials that confirm the relevance and importance of this work. Based on the scientific literature, a review of key definitions on this issue, namely: characterized the definition of \\\"privileged access\\\"; the main examples of privileged access in the IT environment are considered; describes the risks and threats of information from attack vectors associated with privileged access to the IT environment. The mechanism for control and management of privileged access - RAM is presented, the steps of this process are highlighted and its expediency is substantiated. Experimental techniques allowed to choose the most applicable solutions of RAM: WALLIX Bastion PAM, One Identity Safeguard PAM, CyberArk PAM. The essence and functionality of each of these solutions are revealed. The advantages and disadvantages of each technology are established. As a result of research of technical and functional characteristics the comparative analysis of data of three decisions is carried out: obligatory components of the decision on control and management of privileged access are the manager of passwords and the manager of sessions (sessions), and additional - the module with analytics of privileged sessions and the access manager. use a VPN to access privileged assets. It can also be noted that the functionality of all products is very similar, so the implementation plays a big role, namely the practical approach during operation, internal algorithms, additional opportunities for integration and innovation. PAM solutions are recommended for organizations as a means to mitigate information security risks and threats due to insider activities of company employees who have privileged access to the IT environment.\",\"PeriodicalId\":198390,\"journal\":{\"name\":\"Cybersecurity: Education, Science, Technique\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybersecurity: Education, Science, Technique\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.28925/2663-4023.2022.16.98112\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity: Education, Science, Technique","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.28925/2663-4023.2022.16.98112","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
摘要
在IT环境中滥用特权被定义为当前阶段对企业信息资产的威胁之一。本文对这些问题进行了考察和分析,这些问题与合法访问和/或未经授权访问导致的信息泄漏密切相关。各种企业的报告、研究、行动和调查包含了大量的分析和统计材料,证实了这项工作的相关性和重要性。在科学文献的基础上,对这一问题的关键定义进行了综述,即:对“特权访问”的定义进行了表征;考虑了IT环境中特权访问的主要例子;描述与对IT环境的特权访问相关的攻击向量的信息的风险和威胁。介绍了特权访问的控制和管理机制——RAM,重点介绍了这一过程的步骤,并证明了它的方便性。实验技术允许选择最适用的RAM解决方案:WALLIX Bastion PAM, One Identity Safeguard PAM, CyberArk PAM。揭示了每个解决方案的本质和功能。确定了每种技术的优缺点。通过对技术和功能特点的研究,对三种决策的数据进行了比较分析:特权访问控制和管理决策的必备组件是密码管理器和会话管理器(sessions),附加组件是特权会话分析模块和访问管理器。使用VPN访问特权资产。还可以注意到,所有产品的功能都非常相似,因此实现起着很大的作用,即操作过程中的实用方法,内部算法,集成和创新的额外机会。建议将PAM解决方案用于组织,作为一种减轻信息安全风险和威胁的手段,这些风险和威胁是由具有特权访问IT环境的公司员工的内部活动引起的。
COMPARATIVE ANALYSIS OF SOLUTIONS TO PROVIDE CONTROL AND MANAGEMENT OF PRIVILEGED ACCESS IN THE IT ENVIRONMENT
Abuse of privileges in the IT environment is defined as one of the threats to the information assets of the business at the present stage. The article examines and analyzes these problems, which are closely related to the leakage of information due to legitimate access to it and / or unauthorized access to it. Reports, research, acts, surveys at various enterprises contain a large amount of analytical and statistical materials that confirm the relevance and importance of this work. Based on the scientific literature, a review of key definitions on this issue, namely: characterized the definition of "privileged access"; the main examples of privileged access in the IT environment are considered; describes the risks and threats of information from attack vectors associated with privileged access to the IT environment. The mechanism for control and management of privileged access - RAM is presented, the steps of this process are highlighted and its expediency is substantiated. Experimental techniques allowed to choose the most applicable solutions of RAM: WALLIX Bastion PAM, One Identity Safeguard PAM, CyberArk PAM. The essence and functionality of each of these solutions are revealed. The advantages and disadvantages of each technology are established. As a result of research of technical and functional characteristics the comparative analysis of data of three decisions is carried out: obligatory components of the decision on control and management of privileged access are the manager of passwords and the manager of sessions (sessions), and additional - the module with analytics of privileged sessions and the access manager. use a VPN to access privileged assets. It can also be noted that the functionality of all products is very similar, so the implementation plays a big role, namely the practical approach during operation, internal algorithms, additional opportunities for integration and innovation. PAM solutions are recommended for organizations as a means to mitigate information security risks and threats due to insider activities of company employees who have privileged access to the IT environment.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
