Specification Document
※ Last updated: 2026-01-02
User Management Section
| Item | Content |
|---|---|
| Requirement Classification | User Management Section |
| Requirement Name | Unified Management of User Information |
| Definition | Provide centralized management of user information distributed across multiple systems to ensure consistent user account, profile, and permission management. |
| Detailed information | Centralized User Information Management • Collecting and integrating user information from various systems such as HR systems, Active Directory, and cloud services. • Integrate and manage information such as user accounts, profiles, and permissions consistently. • Provides duplicate account detection and management features User Add-on Feature • Add Single User: Register individual users on the Security365 platform • Add Multiple Users: Bulk User Registration Using CSV File • Directory service integration: Synchronization of user information through integration with AD, LDAP, Microsoft Entra ID, etc. Profile Management • Permission Change: User permission management using Role Based Access Control (RBAC) method. • Change activation status: Control user account activation/deactivation • Account Password Reset: User Password Reset by Administrator Automatic synchronization • Scheduler-based automatic synchronization support • Provides real-time synchronization options • Synchronization history and status monitoring |
Authentication Management Section
| Item | Content |
|---|---|
| Requirement Classification | Authentication Management Section |
| Requirement Name | Authentication Method Management |
| Definition | Supports various authentication methods to verify user identity and enhance security. |
| Detailed information | Security365 Certification • User authentication with Security365 ID and password • Set and apply password policy • Account lockout policy support CSP (Cloud Service Provider) Certification • Microsoft365 account authentication: Log in to the SHIELD ID service with your Microsoft account • Google Account Authentication: Log in to the SHIELD ID service with your Google account. |
Multi-Factor Authentication (MFA) section
| Item | Content |
|---|---|
| Requirement Classification | Multi-Factor Authentication (MFA) section |
| Requirement Name | Multi-Factor Authentication |
| Definition | To address the security vulnerabilities of single-factor authentication, user identity is verified by combining two or more authentication factors. |
| Detailed information | Email-based MFA • The authentication code will be sent to the linked email upon request. • Generate 6-digit authentication code • Authentication timeout 5 minutes • Perform authentication with the received authentication code OTP-based MFA • The authentication code is sent to the OTP authentication app of the linked device when requested. • Generate 6-digit authentication code • Perform authentication with the received authentication code. |
Lifecycle Management Section
| Item | Content |
|---|---|
| Requirement Classification | Lifecycle Management Section |
| Requirement Name | User Account Lifecycle Management |
| Definition | Automatically synchronize user account information between external systems and SHIELD ID, as well as between SHIELD ID and external applications, to manage the lifecycle of account creation, modification, and deletion. |
| Detailed information | Inbound Provisioning • Microsoft365 Synchronization: Synchronization of group and user information registered in Microsoft365 - Full group/user synchronization - Synchronize only specified groups/users by the administrator • SCI Server Integration: Synchronization of user/group information registered in the SCI Server • AD/LDAP Integration: Synchronize all groups and user information registered on the AD server. • CSV Bulk Registration: A CSV file-based batch process for efficiently managing a large number of users and groups. • Support for real-time (manual) / periodic (automatic) synchronization |
SSO section
| Item | Content |
|---|---|
| Requirement Classification | SSO section |
| Requirement Name | SAML Federation SSO |
| Definition | Single Sign-On (SSO) integration with major SaaS applications based on the SAML 2.0 standard allows users to access multiple applications with a single login. |
| Detailed information | Security365 platform • Providing SSO between solutions offered by Security365 SAML template provided • Supported applications: Microsoft365, AWS, Salesforce, Box, Notion, Slack, Atlassian, GitHub, Naver Works, Zoom, Figma, Snowflake, Miro, Freshworks, Flex, Kintone, etc.(View All Items) • Automatic access to the application with just one login through the Security365 account. |
Security Policy Section
| Item | Content |
|---|---|
| Requirement Classification | Security Policy Section |
| Requirement Name | Conditional Policy |
| Definition | A feature that enhances security by setting and monitoring differentiated access control policies based on conditions. |
| Detailed information | Access Control • Setting differentiated access policies based on conditions such as users, groups, device types, locations, and times. • Setting and managing session expiration time |
System Settings Section
| Item | Content |
|---|---|
| Requirement Classification | System Settings Section |
| Requirement Name | System Settings |
| Definition | Manage the system's basic settings and branding to provide a customized environment for each organization. |
| Detailed information | Branding Settings • Customize the login page logo for each company • Branding application by organization |