Permissions and Identities in the Cloud is among the core components of a cloud computing platform. It guarantees the installation and manageability of identities as well as the security of the different systems and cloud-based applications. A modern identity and access management system consists of several components, which are grouped together in the identity management platform. Unfortunately, Permissions and Identities in the Cloud is a topic that rarely reaches the end user.
Permissions and Identities in the Cloud: Scopes
The main pillars of this key system of Permissions and Identities in the Cloud are authentication, authorization and identity. The visibility of the scope and the management of identity-related information, data and permissions in such a comprehensive environment require flexible and secure identity and access management (IDA). Due to the different technologies and methods (software and services) within a cloud and the business requirements, a new scope and a new complexity have developed, which differ from classical IDA systems. The challenge for these IDA systems is to realize an integrated implementation that takes the concept of Identity-as-a-Service into account.
Effective cloud computing requires an IDA system that combines administrative tasks and duties related to administration. An IDA system in the cloud must have complete control over every identity and be compatible with any system. This includes the administration of the identities of individuals, service accounts, physical or virtual computers, servers and services. A conventional IDA system meets these requirements only partially. Ideally, the IDA system stores all relevant information needed to provide access to, or manageability of, resources within the cloud, according to the defined Service Level Agreements (SLA).
The IDA system keeps a coherent solution ready for managing the entire life cycle of an identity and its related information, requirements and permissions. Functionally, it is divided into two distinct components: one is the system for the deletion of identities (provisioning) and the other is identity management (administration). The manageability of identities defines the implementation and transfer of administrative tasks and access to self-service components.
Permissions and Identities in the Cloud: Core
In a cloud, the deletion of identities is a just-in-time or on-demand process. Here, identities are created and distributed without all of an identity's information being available in the connected systems or applications. Deletions of identities should, if required, be synchronized immediately and directly to all systems and applications in the cloud, as any delay may pose a security risk that must be avoided. IDA in the cloud ensures that any further connected identities are also made non-functional in accordance with the request.
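The propagation requirement above can be checked with a small audit, shown here as an added example that is not part of the original article. The system names, identities, timestamps and the five-minute tolerance are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

UTC = timezone.utc

# Constructed sample data: time each identity was deleted in the central IDA system.
DELETIONS = {
    "alice": datetime(2024, 5, 1, 9, 0, tzinfo=UTC),
    "svc-backup": datetime(2024, 5, 1, 9, 30, tzinfo=UTC),
}

# Constructed sample data: system -> identity -> time the system disabled it
# (None means the account is still active there).
SYSTEM_STATE = {
    "directory": {
        "alice": datetime(2024, 5, 1, 9, 0, 5, tzinfo=UTC),
        "svc-backup": datetime(2024, 5, 1, 9, 30, 2, tzinfo=UTC),
    },
    "crm-saas": {"alice": None, "bob": None},
    "vm-fleet": {
        "alice": datetime(2024, 5, 1, 9, 20, tzinfo=UTC),
        "svc-backup": None,
    },
}

def audit_deprovisioning(deletions, system_state, now, max_lag=timedelta(minutes=5)):
    """List accounts that outlived their central deletion.

    max_lag is an assumed tolerance, not a value from the article.
    """
    findings = []
    for identity, deleted_at in sorted(deletions.items()):
        for system, accounts in sorted(system_state.items()):
            if identity not in accounts:
                continue  # the identity was never provisioned in this system
            disabled_at = accounts[identity]
            if disabled_at is None:
                # Still usable: exposure window runs from deletion until now.
                findings.append((identity, system, "STILL_ACTIVE", now - deleted_at))
            elif disabled_at - deleted_at > max_lag:
                # Removed, but only after the tolerated delay.
                findings.append((identity, system, "LATE", disabled_at - deleted_at))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 10, 0, tzinfo=UTC)
    for identity, system, status, lag in audit_deprovisioning(DELETIONS, SYSTEM_STATE, now):
        print(f"{identity:<12} {system:<10} {status:<13} lag={lag}")
```

Each finding gives the identity, the system where it lingered, and the length of the exposure window, which is the delay the paragraph above describes as a security risk.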
Because users, procedures, processes and business needs can have different requirements for security and functionality within the cloud, it is necessary to define a common standard for the protection of the IT infrastructure with the various service providers and with those who provide and publish applications and/or information. Security audits and logging procedures are an indispensable part of the IDA system.