2. About this talk Concept of Identity in Cloud Computing
Experiences as Co-chair, Oasis Identity In The Cloud TC.
3. Cloud NIST Definition Computing model enabling convenient,
on-demand n/w access to shared pool of configurable compute
resources.
4. Cloud NIST Definition Service Models Software as a Service
(SaaS) Platform as a Service (Paas) Infrastructure as a Service
(IaaS)
5. Cloud NIST Definition Deployment Models Private Cloud
Community Cloud Public Cloud Hybrid Cloud
6. General Cloud Identities Issues Administrative Accounts
Identities with special attributes Escalated Privileges Dangerous?
Controls available?
7. Identity - SaaS Identities local to the SaaS environment
Identities from federations Private Trust Federations Community
Trust Federations Social Identities as a Service Facebook, Google,
Twitter Identities with delegated intermediaries Identity
Brokers
9. Identity - IaaS Application Identities Platform Identities
Infrastructure Identities Server Identities VM Identities Current
approach is UUIDs by vendors What happens when VM migrates
10. Identity Hybrid Cloud Directory Services Identities all
available in cloud directory? Access the enterprise directories?
General fear to expose enterprise directory externally.
11. Closing Thoughts A large number of people are likely to
remember their Facebook, Gmail, Yahoo, Twitter etc. passwords than
their corporate passwords to Benefits, Payroll etc. Try to remember
the IRS pin you use to e-file? NIST 4 LOA is flattening?