Architectural Classification
Technology \ Security
Standard Specification
For many, if not all of the systems in use at Plymouth University there has been, and will remain for the foreseeable future, a need to provide some local account authentication access alongside directory based mechanisms. Many systems embrace a connection to directory based services which can facilitate interaction for automated and manual tasks or processes typically performed on an ad-hoc basis. It is unsecure to allow a member of staff to directly access a remote server using their day-to-day account, so additional accounts with enhanced privileges are required to undertake these tasks. This can cause issues for staff required to memorise yet another set of credentials, it also raises security concerns around auditability and solution complexity. There is a need therefore for storage mechanisms to hold and inject the required account details without disclosure to the various members of support staff.
Baseline (Today) | Emerging (To track) |
|
|
Tactical (0-3 years) | Strategic (3-6 years) |
|
|
Retirement (to be removed) | Containment (No new development) |
|
|
Author: | Paul Ferrier | Date: | 24/10/2014 | Version: | 1.0 |
Document Security Level: | PUBLIC | ||||
Document Approvals: | Technical Architecture Group
Enterprise Architecture Practice Enterprise Architecture Board IT Director |
27/08/2014
September 2014 22/09/2014 23/10/2014 |
|||
Review Date: | October 2015 |
Enhanced Account Credential Management Roadmap