From the Blogosphere
Cloud Identity and Privacy
Harnessing the Identity Metasystem for Secure Cloud Services
Jul. 30, 2010 01:15 PM
Advances in Identity Management technologies will provide foundations for an "Identity Metasystem", providing the tools for securing information in a manner that greatly accelerates adoption of Cloud computing.
Secure Cloud Services
Typically conversations about Cloud Computing quickly lead to the perceived big roadblock holding back its adoption, data privacy and security.
Ask yourself how you would feel about having sensitive information, like your bank account or credit card details, stored "in the Cloud"? What does that even mean? Who owns and controls it? If the data resides on servers in the USA, can they be seized by the authorities?
As Eric Openshaw, U.S. Technology Leader at Deloittes highlights in his article 'Keeping Data Safe in the Cloud', these are the serious challenges that Cloud must answer before corporates and governments will leap on board, and it will require a combination of IT and services.
This means it is also a very fertile area for venture development. New technologies and processes that address these concerns will likely be very successful in the Cloud market.
For example the Esotera 'Cloud File System' that we profiled previously provides one essential ingredient, distributed encryption. What difference does it make if someone seizes a server if the data on it is only a useless fragment of the information, and it's encrypted?
Consultants firms provide audit services like SaS70, to ensure data-centre operations are suitably robust so that they can assure one aspect of information security, but technology is needed to guarantee its privacy through greater levels of granularity of features like this encryption.
Cloud Identity Metasystem
Although Cloud mainly refers to a type of software, it's also referred to in the context of the overall Internet, as "in the Cloud".
This means hosting applications with service providers like Amazon but this will also come to mean better data sharing between them by doing so. Plugging your app into the Cloud will mean engineering it to be better integrated with the Cloud, as well as using it for utility infrastructure.
A simple example is the hassles of having multiple usernames and passwords for each web site that you use, and how this can be addressed by using a single Internet username identity. The most popular standard that has emerged for this is OpenID, now used by millions.
This enables you to have a single username that works consistently across multiple web sites, eliminating this friction and is thus a great boon, but it's only the tip of the iceberg.
Kim Cameron, Microsoft's Identity guru, explains in his work how this technology trend will build out an "Identity Metasystem". In his proposal for a common identity framework (30 page PDF) he talks about how their new technologies like Cardspaces will utilize OpenID to better connect theirs and other vendor applications, streamlining user access across all of them.
By doing this this will provide the technical features required to achieve the Information Assurance processes needed to certify Cloud services as being secure enough.
Matching these developments to government policy for their adoption will be the key to unlocking the floodgates. Kim writes in this paper how compliance with EU privacy laws can be achieved, and with the USA recently beginning their procedures to formalize recognition of them this is likely to act as a catalyst in accelerating levels of Cloud adoption.
Vendor profile: Cloud Identity
Insightfully named Cloud Identity is one vendor that offers this type of technology, and they highlight the key venture strategy to employ, namely that of identifying how corporate IT can leverage these advances to solve practical problems.
Cloud Identity provides software for automating user processes across multiple SaaS systems. Organizations employing temporary workers may have them use Salesforce and Webex for example, so they need to be automatically set up and removed from these accordingly.
With this software enterprises can leverage OpenID as a single identifier but control it according to corporate policies and integrate it with on-site Identity Management systems like Active Directory, providing for a secure 'bridge' from on-site to hosted applications.
Latest AJAXWorld RIA Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week