didmos is the powerful Identity & Access Management software suite from DAASI International, consisting of five expandable open source modules.
Every time an organization decides to establish an Identity & Access Management system, similar questions arise:
- How should data exchange operate among the different systems (data models, interfaces, access information etc.)?
- How can internal permissions be represented in the best way?
- How can specific organizational procedures (administration processes, self-service functions for users etc.) be modelled optimally?
Although these questions are similar in each organization, their answers are always different and depend on the specific requirements and structures of the respective organization. That is why proprietary standard software is often an unsatisfactory solution.
Modules for more flexibility
In contrast to a rigid standard solution, didmos is flexible, as it consists of five adjustable modules.
All modules are dovetailed, and together they form a flexible, broad and profound Identity & Access Management system that can be adapted to individual requirements and desires. Additionally, didmos provides ideal conditions for integration into your existing IT landscape through high standards compliance and a strong focus on expandability.
In summary, didmos is not a proprietary standard software, but an individual and lasting all-in-one solution that adapts to all conditions and requirements with the help of its module structure.
The module didmos ETL Flow (Extract, Transform, Load) extracts data from different sources – e.g. ERP, SAP, XML or SQL databases – and synchronizes them in a central metadirectory. Essential processes are duplicate detection (the identification of data based on weighted attributes) and data harmonization (the merging of data to a single data set).
didmos Pwd Synchronizer synchronizes passwords event-based from an Active Directory Domain Controller into other directories, e.g. OpenLDAP. This happens either as plain text, as a hash, or by activating a REST service at the time of the change (not retrospectively). Pwd Synchronizer is complemented by easy installation as a Windows service, encrypted caching on the Domain Controller, and logging of the synchronization processes.
didmos LUI (LDAP User Interface) is a web-based frontend for user administration with self-service functionality. As a generic web portal framework, LUI can create, change and delete data in a metadirectory and in other LDAP servers. A user can only use the features authorized for his or her LDAP authorization group or role object. The frontend is completely configurable to individual requirements and adaptable to the corporate design.
Additional functions include, for example, the automatic creation and sending of e-mails, the generation of PDFs, error reports, web service interfaces, and the preparation and approval of requests.
Accordingly, didmos LUI is suited for the integration of administration and self-service tools. Thanks to the flexible configuration possibilities, didmos LUI can be used for any other web frontend, for example in Digital Humanities applications with complex visualizations.
didmos Provisioner provides data from a metadirectory to any target system, e.g. databases, directory services or specific applications. Support for the standards SPML (Service Provisioning Markup Language) and SCIM (System for Cross-domain Identity Management), as well as configurable SOAP and REST interfaces, allows connection to any proprietary system without the need to change the overall system.
The didmos module Decision Point, formerly OpenRBAC, is an open source implementation of the ANSI standard RBAC (Role Based Access Control) for secure and efficient Access Management. Decision Point allows central access control to resources by assigning users one or more roles that are connected to certain access rights. All access decisions can be defined and maintained in a central place by Policy Decision Points (PDP).
Within the didmos framework, the Authenticator is a universally applicable authentication tool. It can even work for all kinds of other applications. The modular structure, which makes the Authenticator highly flexible, allows it to be deployed in any SSO environment. The implementation of the SAML and OpenID Connect protocols enables users to log in with either internal or external accounts, using, for example, social login via Facebook, Twitter, etc. This way users only need one account instead of setting up one account for each service they wish to use. The possibility to include the open source software PrivacyIDEA by our partner NetKnights ensures maximum data security with multi-factor authentication.