Identity in the Cloud (ID-Cloud)
Towards standardizing Cloud Identity
www.oasis-open.org
Cloud Identity Management
TC works to address Identity Management challenges related to Cloud Computing
Cloud Identity Management is considered a top security concern
Identity Management is not completely solved at Enterprise level
Standards are evolving
Cloud is a new paradigm, so the same problems in new packaging
What is it we do?
3 Main objectives:
Identifying detailed Use Cases
  Identity deployment, provisioning and management in a cloud context
Define Interoperability Profiles for Identity in the Cloud
  Profiles will be based on use and combinations of existing standards, protocols and formats
Gap Analysis of existing Identity Management standards and protocols when applied in the context of Cloud
  Based on Use Cases and Interoperability Profiles
  Feed analysis back to the WG responsible for a standard
What is it we do?
Other objectives:
Glossary on Cloud Identity
  Harmonized set of definitions, terminologies and vocabulary on Identity in the context of Cloud
Do not re-invent the wheel
  Build on existing standards and specifications
Strong liaison relationships with other international working groups
  ITU-T, Cloud Security Alliance
How serious are we about this?
Our Technical Committee chairs are: Anil Saldhana (Red Hat) and Tony Nadalin (Microsoft)
Among the members of the Technical Committee are: Red Hat, IBM, Microsoft, CA Technologies, Cisco Systems, SAP, eBay, Novell, Ping Identity, SafeNet, Symantec, Boeing Corp, US DOD, Verisign, Akamai, Alfresco, Citrix, Cap Gemini, Google, Rackspace, Acxiom, Huawei, Symplified, Thales, Conformity, Skyworth TTG, MIT, Jericho Systems, PrimeKey, Aveksa, Mellanox, Vanguard Integrity Professionals, NZ Govt ...
Current Status
Three stages:
Use Case formalization (ETA: May/June ’11)
Defining the Interoperability Profiles for Identity in the Cloud (ETA: December ’11)
Gap Analysis of existing Identity Management Standards
Details on Use Cases
Received 35 Use Cases of Identity Management in the Cloud
Structure of Use Cases:
  Description / user story
  Goal / Desired outcome
  Categories covered
  Applicable Deployment Models
  Actors
  Systems
  Notable Services
  Dependencies
  Assumptions
  Process Flow
Details on Use Cases
Categorizations:
Authentication
  Single Sign On (SSO)
  Multi factor Authentication
Infrastructure Identity Establishment
General Identity Management
  Infrastructure IdM
  Federated IdM
Authorization
Account & Attribute Management
  Account & Attribute Provisioning
Security Tokens
Audit & Compliance
Details on Use Cases
Applicable Deployment and Service Models:
Deployment Models: Private, Public, Community, Hybrid
Service Models: SaaS, PaaS, IaaS, Other
Details on Use Cases
High Ranked Use Cases:
Managing Identities at all levels in the Cloud
Need for Federated Single Sign On across multiple environments
Enterprise to Cloud SSO
Auditing
Multi-factor Authentication for Privileged User Access
Resources
OASIS Technical Committee Homepage
http://www.oasis-open.org/committees/id-cloud/
OASIS Technical Committee Wiki
http://wiki.oasis-open.org/id-cloud/FrontPage
Wiki Page with links to member submissions
http://wiki.oasis-open.org/id-cloud/MemberSubmissions
www.gershonjanssen.com