中文摘要：

随着信息技术的发展，大型机构的信息系统架构目益复杂，使得机构内实现安全的身份与访问管理异常复杂和难以控制。文章提出了一种面向大型机构的身份与访问管理云技术架构与实现方案。与现有方案相比，该方案可以降低机构整体实施身份与访问管理的成本，同时由于集中管理机构用户，避免了用户信息不一致的问题，并为机构用户带来较好的单点登录体验。

英文摘要：

With the development of information technology, the complexity of information system of large organizations is increasing. The identity and access management in organizations is extremely complex. This paper presents a novel identity and access management architecture and implement mechanism of the cloud for large organizations. Comparing to exist solutions, the cloud-based solution can dramatically decrease the cost of identity and access management, present the better single sign on experience to users, and avoid the problem of inconsistent of user information.