Saturday, April 16, 2011

On Cloud Identity and Access Management

Identity and Access Management (IAM) is a very important component in
the Cloud. Here, I list a few issues and research directions or new
product ideas for Cloud Identity.

1: How is Identity provisioned into the cloud? SPML is a standard,
but it is not widely used. An updated standard is needed to address
identity provisioning, deprovisioning, and identity proofing.

2: How do you use federation technology to federate the Identity from
a private cloud to a public cloud? If a user has a high assurance level
in the private cloud, how does this level impact his access to the
public cloud, or vice versa?

3: There are some products, such as Symplified and PingIdentity, and
standards, such as SAML, XACML, OpenID, and OAuth, that enable
authentication, SSO, and some level of access control in the cloud, but
we still need to see wide adoption of these products in the Federal
government. We also need to see how they can integrate with the HSPD-12
PIV card or the old CAC card from DoD.

4: Major IDAM vendors such as Oracle, IBM, CA, and Microsoft lack the
necessary vision, sound strategy and innovation to come up with a
compelling stack of IDAM products for the cloud. The products are
mostly bulky to install and hard to customize, and lack plug-and-play
features. I believe that the killer app for Identity in the cloud
will emerge from a small but innovative company.

5: Standards such as SAML, OpenID, and OAuth will still need some
enhancement to fit into the cloud environment.

6: There is currently no out-of-the-box, plug-and-play 2-factor
authentication IAM service for the Cloud. It would be a cloud
killer app to have such a product.
