<Insert Picture Here>
Identity Services and the Cloud:
What Every Enterprise Should Know
Nishant Kaushik
Principal Architect, Oracle Identity Management

The following is intended to outline our general
product direction. It is intended for information
purposes only, and may not be incorporated into any
contract. It is not a commitment to deliver any
material, code, or functionality, and should not be
relied upon in making purchasing decisions.
The development, release, and timing of any
features or functionality described for Oracle’s
products remains at the sole discretion of Oracle.

Agenda
• The X’s of Cloud Computing <Insert Picture Here>
• The Identity Factor
• Putting it All Together

The Allure of Cloud Computing
• Pay As You Go
• Availability
• Flexibility
• Time To Value
• Simplicity
A New Paradigm
Cloud Computing is about the
on-demand, elastic and scalable
consumption of computing
resources.

The Reality of Cloud Computing
• SLAs = Inadequate; Usually
favoring provider
• Transparency = Missing
• Standards = Few in practice
• Security Concerns = Unresolved
• Interoperability = Coming…?
Dig A Little Deeper
Cloud Computing lacks some of
the characteristics expected of a
utility.

The Risks of Cloud Computing
• Information Protection Challenges
• Governance Models in Jeopardy
• Strategic Vulnerability
Mind The Gap
IDC survey: 74% rate cloud
security issues as “very
significant”

Agenda
• The X’s of Cloud Computing <Insert Picture Here>
• The Identity Factor
• Putting it All Together

Identity – The Key to Cloud Security
Identity Management is already core to Enterprise Security
Access
• The 3 A’s of Identity are core to the Information
Protection challenge
• Compliance with business policies & regulations
Controls • Make governance sustainable by driving down
administration cost & improving service levels
Strategic • Enables business agility & collaboration
Advantage • Improved risk management & customer satisfaction

Enterprise IdM, Interrupted
Identity
infrastructure that
seamlessly spans an
enterprises internal &
cloud environments
Traditional Enterprise
IdM relies on tight Vision
integration and heavy
customization, with Disruption
direct access to data The cloud’s model of sharing
stores resources makes tight coupling
a non starter
Convention

Enter the Identity Services Model
Applications/Services/Platforms Sharing Services
Retail Customer Partner Employee Call Center
Application Application Portal Application
Service Infrastructure
Service 1 Service 2 Service 3 Identity Services
Shared, Reusable Services
• The goal: To provide identity functionality in a consistent, reusable
service-oriented model to all applications/services
• Identity, access and compliance management functionality
implemented as services in a SOA
• Promotes loose coupling to ensure long term viability and
heterogeneity of business solutions

Identity Services Platform for the Cloud
• The Identity Services Platform contains the set of
identity services needed to extend Enterprise Identity
to the cloud
• Could be deployed internally or in the cloud itself
Identity Services Platform
Identity Federated Authentication & User-Centric Identity that
Assurance spans the enterprise environment and cloud environment
Identity Strong User and Access Lifecycle Management
Administration (Provisioning/De-Provisioning Capabilities)
Identity A Claims-Based Authorization model, coupled with
Interfaces
Authorization strong XACML-based Entitlement Management
Identity Enterprise Identity Providers protected by IGF-style
Hub policy controls
Identity A standardized Audit Framework for creating, managing
Audit and analyzing audit trails across cloud services

The Cloud Identity Model
Partner 1 Partner 2
Identity Services Platform
Identity Services Platform
Identity Identity
Identity Identity Hub Administration
Assurance Audit Service Service
Service Service
IAM Service Provider
Business Service Provider
Identity Services Platform
Identity Identity
Authorization Assurance
Service Service
Consumer
• All participants have interoperable identity services
• Every participant can be both the service provider and service consumer

Agenda
• The X’s of Cloud Computing <Insert Picture Here>
• The Identity Factor
• Putting it All Together

A Path into the Cloud
Extend to
Define Cloud Service Build A
Hybrid/Public
Security Policy Externalization Private Cloud
Clouds
• Develop your company's security policy toward cloud computing
• Implement IdS platform by leveraging standards-based IdM tools
• Use private cloud build-out to validate policies, controls & interfaces
• Evaluate cloud providers the same way you would internal systems
• Insist they be interoperable with your identity services
• Put in place detective controls

Oracle Identity Management Can Help
Identity Administration Access Management Directory Services
• Identity Manager • Access Manager • Internet Directory
• Role Manager • Adaptive Access Manager • Virtual Directory
• Enterprise Single Sign-On
• Identity Federation
• Entitlements Server
Audit & Compliance Manageability
• Identity Management Suite • Enterprise Manager IdM Pack

Unlocking the Potential
• Security built right into the
platform
• Multi-Tenant model spreads the
cost of security across
• Vendors have incentive to
standardize, interoperate
Transforming IT • Introduce greater rigor and best
Cloud architecture actually lends practices into business policy
itself to a far more robust and and governance
reliable security architecture.

To Learn More
Oracle Identity Management
• Visit: www.oracle.com/identity
Oracle Cloud Computing
• Visit: www.oracle.com/us/technologies/cloud
Continue the Discussion
• Blog: blog.talkingidentity.com
• Twitter: @nishantk
17