2. About this talk
• Concept of Identity in Cloud Computing
• Experiences as
– Co-chair, OASIS Identity In The Cloud TC.
3. Cloud
• NIST Definition
• Computing model enabling
– convenient, on-demand n/w access to shared pool of configurable compute resources.
4. Cloud
• NIST Definition – Service Models
– Software as a Service (SaaS)
– Platform as a Service (PaaS)
– Infrastructure as a Service (IaaS)
5. Cloud
• NIST Definition – Deployment Models
– Private Cloud
– Community Cloud
– Public Cloud
– Hybrid Cloud
6. General Cloud Identities Issues
• Administrative Accounts
– Identities with special attributes
– Escalated Privileges
• Dangerous?
• Controls available?
7. Identity - SaaS
• Identities local to the SaaS environment
• Identities from federations
– Private Trust Federations
– Community Trust Federations
– Social Identities as a Service
• Facebook, Google, Twitter
• Identities with delegated intermediaries
– Identity Brokers
9. Identity - IaaS
• Application Identities
• Platform Identities
• Infrastructure Identities
– Server Identities
– VM Identities
• Current approach is UUIDs by vendors
• What happens when VM migrates
10. Identity – Hybrid Cloud
• Directory Services
– Identities all available in cloud directory?
– Access the enterprise directories?
– General fear to expose enterprise directory externally.
11. Closing Thoughts
• A large number of people are more likely to remember their Facebook, Gmail, Yahoo, Twitter etc. passwords than their corporate passwords to Benefits, Payroll etc.
• Try to remember the IRS PIN you use to e-file?
• NIST 4 LOA is flattening?