
Chapter 9. Authentication and Interoperability

Identity Management

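RHEL 6.2 includes Identity Management capabilities that allow management of user identities, policy-based access control, and authentication services. The Identity Management service, previously known as IPA, is based on the open source FreeIPA project. In previous RHEL 6 releases these services were a Technology Preview; starting with this release, Identity Management is fully supported.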

Note

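The Identity Management Guide provides detailed information about the Identity Management solution, the technologies it uses, and explanations of some of the terminology. It also provides high-level design information for both the client and server components.

PIV support for smart cards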

RHEL 6.2 adds support for PIV (Personal Identity Verification) smart cards. FIPS 201-compliant PIV cards can now be used to access data securely. PIV smart cards restrict access to the card holder to ensure data confidentiality; they also allow only the card holder to modify data, ensuring data integrity. This guarantees how authorized data is used and prevents the data from being misused. The use of PIV cards stems from U.S. Homeland Security Presidential Directive 12 (HSPD-12), which requires this technology for access to all government IT systems.