Privilege Identity Management (PIM) is a domain of IT infrastructure responsible for managing, monitoring and accounting for the governance accounts of the enterprise (Kobashi, et al., 2013). In most enterprises, the governance of privileged identities is not handled in a straightforward way. PIM is used within the enterprise to keep these accounts safe and governed (D, 2005).
The privilege management in this enterprise allows the Bastion host to remove the privileges of the System Administrator. A privilege elevation workflow will be required whereby the Operations Manager approves time-boxed requests for root access (ZIN, 2006).
a. Requirements
The requirements of the PIM are listed below:
b. Assumptions
It is assumed that only 3 system administrators are connected to the Bastion Host. They are connected through a switch, which allows the different hosts to connect to a single server using network parallelization.
We assume that all three system administrators have equal network coverage from the Bastion Host. Initially, it is assumed that all the system administrators hold system access rights.
c. Constraints
Only a single cloud is connected to both system ends in the Operator management plan. Only 2 CentOS Linux 7 servers are connected on that side. The SSH policy is the constraint that is in scope.
a. Bastion Host
Internet Cloud – The data of the enterprise is saved in the Internet cloud.
CentOS Linux 7 Servers – Highly secured data servers at the Operations Manager end.
Router – Connects the Bastion Host (HashiCorp Vault) to the servers.
HashiCorp Vault – Eliminates the sysadmin's standing privileges.
Switch – Allows multiple devices to connect to a host.
Sysadmin – The System Administrator's host, used to access the data with privileges.
b. Approval Workflow
Linux servers can access the Internet cloud to approve the data workflow. The Bastion Host blocks the standing privileges of the system administrator to access the data directly from the server.
c. Auditing
1. Use Case
The sysadmin user cannot connect to secure01.
2. Use Case
The sysadmin logs into Bastion and requests approval to log in to secure01.
The opsman approves sysadmin's request.
The sysadmin can log in to secure01 from Bastion.
3. Use Case
The sysadmin logs into Bastion and requests approval to log in to secure01 for 10 minutes.
The opsman approves sysadmin's request.
The sysadmin can log in (SSH) to secure01 from Bastion (within 10 minutes).
The sysadmin attempts to log in (SSH) to secure01 after 10 minutes and access is denied.
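The three use cases above, modelled as a default-deny access broker with an audit trail. This is an added illustration, not code from the original page and not how HashiCorp Vault implements the workflow. The class `AccessBroker`, its method names and the rule that a requester cannot approve their own request are assumptions; `sysadmin`, `opsman`, `secure01` and the 10-minute window come from the use cases.

```python
import time
from dataclasses import dataclass, field


@dataclass
class AccessBroker:
    """Default deny: access exists only as an approved, unexpired grant."""
    approvers: set                                 # who may approve (assumed: opsman)
    clock: callable = time.time                    # injectable so expiry is testable
    pending: dict = field(default_factory=dict)    # request id -> (user, host, ttl)
    grants: dict = field(default_factory=dict)     # (user, host) -> expiry timestamp
    audit: list = field(default_factory=list)      # append-only event trail
    _next_id: int = 1

    def _log(self, event, **detail):
        self.audit.append({"ts": self.clock(), "event": event, **detail})

    def request(self, user, host, ttl_seconds):
        rid = self._next_id
        self._next_id += 1
        self.pending[rid] = (user, host, ttl_seconds)
        self._log("request", id=rid, user=user, host=host, ttl=ttl_seconds)
        return rid

    def approve(self, rid, approver):
        user, host, ttl = self.pending[rid]
        # Separation of duties: a named approver only, never the requester.
        if approver not in self.approvers or approver == user:
            self._log("approve_rejected", id=rid, approver=approver)
            return False
        del self.pending[rid]
        # The time box starts at approval, not at the moment of the request.
        self.grants[(user, host)] = self.clock() + ttl
        self._log("approve", id=rid, approver=approver, user=user, host=host)
        return True

    def can_login(self, user, host):
        expiry = self.grants.get((user, host))
        allowed = expiry is not None and self.clock() < expiry
        if expiry is not None and not allowed:
            del self.grants[(user, host)]          # drop the expired grant
        # Denials are logged too, so use case 1 leaves evidence for auditing.
        self._log("login_allowed" if allowed else "login_denied",
                  user=user, host=host)
        return allowed
```

Every decision, including the denied logins before approval and after expiry, lands in `audit`, which is the record the Auditing section depends on.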
D, S., 2005. How the Windows Rights Management Service can Enhance the Security of your Documents. [Online] Available at: www.windowsecurity.com [Accessed 2020 06 14].
Kadry, S. &. K. S. &. H. W., 2008. Design and Implementation of System and Network Security for an Enterprise with World Wide Branches. Journal of Applied Sciences Research, Volume 4, pp. 1361-1370.
Kobashi, T. et al., 2013. Validating Security Design Pattern Applications Using Model Testing. Regensburg, Germany, 8th International Conference on Availability, Reliability and Security (ARES2013).
W., S., 2006. Cryptography and Network Security. 4/E Prentice Hall, s.n.
ZIN, S. K., 2006. Performance parameters of wireless virtual private network. s.l., Master Thesis, Middle East University.