Permission Management Security

English

Private Cloud Platform

Comprehensive Data Center Infrastructure Solutions.

ZStack Cloud Platform

4S-compliant productized private cloud and seamless hybrid cloud

Enterprise

|

Hybrid

|

Standard
ZStack ZSphere Virtualization Platform

Offer a user experience consistent with VMware virtualization
ZStack HCI

A robust catalog of ready-to-deploy product
ZStack Software-Defined Storage

Supports storage resource pools with capacities exceeding PB levels

ZStack Ceph Enterprise

|

ZStack High Performence Storage

Data Center Management

ZStack ZCenter

ZStack CMP
Edge Orchestration

ZStack Edge
Cloud-Native Platform

ZStack Zaku
Database Management

ZStack RDS
Private AI

ZStack AIOS

Advanced Infrastructure Platform

Covering scenarios from core to edge, cloud to cloud- native, and data management to AI

ZStack Cloud Platform

Single Server, Free Trial for One Year

Download

ZStack ZSphere Virtualization Platform

Unlimited Servers, Free Trial for Three Months

Download

Subscription guide

By Scenario

Deploy ZStack for scenario from datacenter to the edge.

By Industry

ZStack provides innovative cloud infrastructure for ten major industries.

The report provides three major solutions and customer case studies for transitioning from VMware to ZStack.

Download

6 Major Education Solutions, 100+ University Cases，helping Universities Rapidly Move to the Cloud

Download

Documentation&Tools

Comprehensive product documentation and tools

Product Documentation

Product Videos

Product Downloads

Compatibility List
Support & Services

Upholding the value of Customer First and the mission of Serving Customer, ZStack is dedicated to providing secure and stable services for customers.

ZStack Services

Technical Support Centre

Training & Certification

To educate ZStack partners and interested individuals about cloud computing and to cultivate cloud computing talent.

Training & Certification

Certification Inquiry
Content

ZStack provides innovative cloud infrastructure for ten major industries

Blog

News

Customer Stories

White Paper

VMware-to-ZStack Case Collection

The report provides three major
solutions and customer case studies for transitioning from VMware to ZStack.

Download

ZStack Cloud 5.4.0>ZStack Cloud Product Manuals>ZStack Cloud Security Whitepaper>Product Security Analysis>Permission Management Security

Get PDF

Three-role Separation Model

The Cloud supports the three-role separation model for permission management, which decomposes the super administrator (admin) permissions and assigns them to the system administrator, security administrator, and security auditor. The system administrator manages resources of the Cloud, the security administrator handles permissions, and the security auditor oversees audits. The three roles are independent of and constrain each other.

The three-role separation model decomposes the super permissions of the super administrator and into the three distinct roles, effectively reducing the security risks caused by excessive super administrator permissions and further enhancing Cloud security.

Tenant Management Permissions

Tenant management primarily provides enterprise users with organizational structure management, project-based resource access control, ticket management, independent region management, and other functions. The tenant management feature is provided as a separate functional module.

Characteristics:

Users are separate from roles. Roles, as a collection of permissions, can be flexibly bound to or unbound from tenant management users.
Roles are categorized into system roles and custom roles. System roles are roles with predefined permission scopes provided by the Cloud by default. Custom roles are roles created by users as needed.
The UI supports API-level permission control, flexibly adapting to the permission configuration requirements of various scenarios.

SM2 Certificate Login

The Cloud provides a certificate login feature based on the Shang Mi 2 (SM2) algorithm. After enable this feature, you must use a UKey for login authentication to ensure identity authenticity.

To use this feature, ensure that you have the module license of cryptography security compliance installed and certificate login enabled.

Certificate login can be enabled for the admin or tenants. To enable certificate login for tenants, ensure that the tenant management module license is installed on the Cloud.

Next Chapter: Glossary

Private Cloud Platform

ZStack Cloud Platform

ZStack ZSphere Virtualization Platform

ZStack HCI

ZStack Software-Defined Storage

Data Center Management

Edge Orchestration

Cloud-Native Platform

Database Management

Private AI

Advanced Infrastructure Platform

ZStack Cloud Platform

ZStack ZSphere Virtualization Platform

By Scenario

By Industry

Documentation&Tools

Support & Services

Training & Certification

Content

VMware-to-ZStack Case Collection