Guest post by Adrian Lane, analyst and CTO of Securosis
We are happy to announce the release of our Identity and Access Management for Cloud Services research paper.
Identity, access management and authorization are reasonably complicated subjects, but at the center of most on-premise security projects. Cloud computing and cloud security are both very complex subjects. Mix the two together, in essence federation of your on-premise identity systems into the cloud, and you have complexity soup! Gunnar and I felt that given these importance of identity management for cloud computing, and the complexity of the subject matter, users really needed a guide to help them understand what the heck is going on. Far too often people talk about the technologies (e.g.: SAML, OAuth and OpenId) as the solution, but that totally misses the bigger picture of the transformation of identity as we knew it into Cloud IAM. We are witnessing a major shift in both how we provide and consume identity that is not apparent from a tools-centric view.
This paper does present the nuts and bolts of how Cloud IAM works, but more importantly we framed the pieces into the bigger trend of how Cloud IAM services work, and how this industry trend is changing identity systems. Moving the trust model outside the enterprise, where multiple internal and external services cooperate to support IAM, is a radical departure from traditional on-prem directory services. We liken the transition from in-house directory services to Cloud IAM as akin to moving from an Earth centric view of the universe to a Sun centric view: it’s a complete change in perspective. This is not your fathers LDAP server!
If you want to understand what Cloud Identity is all about, we encourage you to download the paper and give it a read. And we greatly appreciate Symplified for licensing this content! While most vendors we speak with only want to talk about their Single Sign-On capability, Federation module, SAML connector, mobile app or management dashboard – or whatever piece of the whole – they share our vision that you need to understand the cloud IAM eco-system first and how everything fits together first before diving into the supporting technologies.
You can get a copy of the paper here from Symplified.
Adrian Lane is a security strategist with over 22 years of industry experience, spanning Ingres, Oracle, and Unisys. He has extensive experience in the vendor community, but brings a pragmatic perspective to selecting and deploying technologies. Adrian specializes in database security, data security, and software development.