The core components of a cloud computing platform include identity and authorization management, in addition to the virtualization software, hardware and network used. This guarantees not only the ease and manageability of identities, but also the safety of the different systems and cloud-based applications.
A modern identity and authorization management system consists of several components, which are brought together in the identity management platform. The pillars of this system are authentication, authorization, identities and the publication of attributes. Viewing, scaling and managing the identity-related information, data and permissions in such a comprehensive environment requires flexible and secure Identity and Access Management (IDA).
Core Components of Cloud Computing : Hardware, Software and Networking Part
The hardware, software, networking and service models of the cloud belong to the core components of cloud computing and have been discussed before in these articles:
These core components of cloud computing will not be discussed here, due to limited space and for ease of reading.
Core Components of Cloud Computing : The Security and Identity Management Constitutes a Bigger Part
Efficient cloud computing requires an IDA system that consolidates the administrative tasks and makes related tasks manageable. An IDA system in the cloud must have complete control over each and every identity system. This includes the administration of the identities of individuals, service accounts, physical or virtual computers, servers and service identities. A conventional IDA system can often meet these requirements only partially. Ideally, the IDA system stores all the relevant information on the basis of which access to resources within the cloud, or their manageability, is granted or refused according to defined service level agreements (SLA).
The IDA system provides a cohesive solution for managing the entire lifecycle of an identity and its related information, requirements and authorizations. Functionally, a distinction is made between two components: one is the creation and deletion of identities (provisioning) and the other is identity management (administration). The management of identities defines the implementation and transfer (delegation) of administrative activities and access to self-service components.
In a cloud system, the deletion of identities is a just-in-time or on-demand process. Distributed identities can thus be created without all the information about an identity being available in the connected systems or applications. Deletions of identities should, if required, be synchronized immediately and directly to all systems and applications within the cloud, as any delay may involve a security risk that must be avoided. The IDA ensures that other associated identities are made non-functional within the cloud according to the request.
Permissions are represented within the IDA by a number of attributes that describe the access and permissions of an authenticated identity (according to a set Authenticated Security Principal). Cloud-based applications often require their own administration for authorization, which may include the use of general authorization technology under certain circumstances.
The possibility that an individual can have multiple identities within the cloud makes a parent mapping of these identities necessary.
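The two requirements above, that a deletion reaches every connected system without delay and that an individual's multiple identities are tied together by a parent mapping, can be checked with a reconciliation audit. The following Python code is an added example, not part of the original article; the system names, account names, timestamps and function names are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (assumptions, not from the article).
# Parent mapping: one individual -> every identity held in connected systems.
PARENT_MAP = {
    "person-1": [("directory", "alice"), ("crm", "alice.w"), ("ci", "svc-alice")],
    "person-2": [("directory", "bob"), ("crm", "bob.k")],
}
# Deletion requests recorded centrally: individual -> time of the request.
DELETIONS = {"person-1": datetime(2024, 5, 1, 9, 0, tzinfo=timezone.utc)}
# State reported by each connected system: True means the account is enabled.
ACCOUNTS = {
    ("directory", "alice"): False,  # deletion already synchronized
    ("crm", "alice.w"): True,       # deletion not yet propagated
    ("ci", "svc-alice"): True,      # service identity left behind
    ("directory", "bob"): True,
    ("crm", "bob.k"): True,
    ("crm", "guest7"): True,        # account with no parent mapping
}


def lingering_identities(parent_map, deletions, accounts, now, max_lag=timedelta(0)):
    """Identities still enabled although their parent's deletion was requested."""
    findings = []
    for person, requested_at in deletions.items():
        lag = now - requested_at
        if lag <= max_lag:
            continue  # allowed synchronization window has not elapsed yet
        for key in parent_map.get(person, []):
            # A missing account counts as deleted; only enabled ones are a risk.
            if accounts.get(key, False):
                findings.append((person, key[0], key[1], lag))
    return sorted(findings)


def unmapped_accounts(parent_map, accounts):
    """Accounts with no parent mapping; a deletion request can never reach them."""
    mapped = {key for keys in parent_map.values() for key in keys}
    return sorted(key for key in accounts if key not in mapped)


if __name__ == "__main__":
    now = datetime(2024, 5, 1, 9, 15, tzinfo=timezone.utc)
    for person, system, account, lag in lingering_identities(
            PARENT_MAP, DELETIONS, ACCOUNTS, now):
        print(f"{person}: {system}/{account} still enabled {lag} after deletion")
    for system, account in unmapped_accounts(PARENT_MAP, ACCOUNTS):
        print(f"unmapped: {system}/{account}")
```

Setting `max_lag` above zero models a tolerated propagation window; with the default of zero, any identity still enabled after the request is reported.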