CBL - Campus del Baix Llobregat

Defended project

Title: EntraSecure Tenant Portal: design of a tool for identity and access management in cloud environments


Students who have defended this project:


Supervisor: OLLER ARCAS, TONI

Department: ENTEL

Offer start date: 04-07-2025     Offer end date: 04-03-2026



Degree programmes to which the project is assigned:
    GR ENG TELEMÀTICA
Type: Individual
 
Place of completion: EETAC
 
Keywords:
Identity and Access Management (IAM), cloud environments, authentication, authorization, RBAC, identity governance, access management
 
Description of content and activity plan:
 
Overview (abstract in English):
This Bachelor's Thesis focuses on the design and development of a custom web portal for the management and visualization of identities and access within a Microsoft Entra ID tenant, without using the official administration portal. The project comes from the need to gain a detailed understanding of Identity and Access Management (IAM) systems in cloud environments, as well as the core mechanisms of authentication, authorization, and identity governance.
The main objective of this work is to implement a functional solution that enables the management and inspection of users, groups, applications, and roles within an Entra ID tenant, while defining a dedicated access control model for the portal itself. In this context, the project is designed with the goal of maximizing the use of the functionalities available in Microsoft Entra ID free licenses, demonstrating that it is possible to develop a complete and fully operational application using exclusively the resources provided at this licensing level.
To achieve these objectives, several specific goals have been defined, including integration with Microsoft Entra ID identity services, the implementation of a secure authentication mechanism, and the design of a dual-layer authorization model. This model separates access to the portal, controlled by an application-level role-based access control system, from actual access to tenant resources, which is governed by the native authorization mechanisms of Entra ID.
The adopted methodology follows an incremental development approach, combining theoretical study of IAM concepts with their practical application in a controlled environment. The system has been designed taking into account the limitations and capabilities of the free licensing tier, prioritizing simplicity, security, and consistency of the identity model.
As a result, the EntraSecure Tenant Portal has been developed: a functional web application that enables exploration of the tenant's state, management of identities and applications, visualization of role assignments, and access to a dedicated security module offering governance and IAM hygiene indicators, such as groups or applications without owners and credentials that are expired or close to expiration. The system has been validated through a controlled testing environment using different combinations of users and roles.
Finally, this work concludes that it is possible to build a custom IAM management tool on top of Microsoft Entra ID that facilitates a clear understanding of the cloud identity model, providing a didactic and flexible alternative to the official administration portal and establishing a solid foundation for future extensions of the system.


© CBLTIC Campus del Baix Llobregat - UPC