Cloud computing Security and privacy: Joint identity Management (1)

Source: Internet
Author: User
Keywords Cloud computing security identity Union
Cloud computing security-Why use IAM in the traditional sense, organizations invest in IAM practices to improve operational efficiency and meet requirements for regulatory, privacy, and Data protection: 1. Improve operational efficiency architecture good IAM Technology and processes can automate repetitive tasks such as user entry, and thus improve efficiency (for example, self-service reset user request passwords without system administrators using the Help desk dispatch system). 2. Compliance management for the protection of systems, applications and information that are not subject to internal and external threats, such as the removal of sensitive data by disgruntled employees, and compliance with various regulatory, privacy, and data protection requirements, organizations implement the "IT generic and application-level control" framework, which comes from industry-standard frameworks such as ISO 27002 and the Information Technology Infrastructure Library (ITIL). IAM programs and practices can help organizations achieve access control and operational security goals (for example, compliance requirements, such as "separation of duties" and the minimum rights assignment for staff to perform their duties). Auditors typically map internal controls to it controls to support compliance management processes such as the payment Card industry (PCI) data Security Standard (DSS) and the 2003 Sarbanes-Oxley Act (SOX). In addition to improving operational efficiency and compliance management efficiencies, IAM can implement new it delivery and deployment patterns (such as cloud computing services). For example, identity union, as a key component of the IAM, enables identity information to be connected and carried across trust boundaries. Therefore, the IAM enables enterprise and cloud computing service providers to establish channels between secure trust domains through web single sign-on and federated users. Some cloud use cases that require IAM support from cloud computing service providers include: Institutional staff and related contractors use identity syndication to access SaaS services (for example, sales and support personnel using corporate identity and credentials to access Salesforce.com). The IT administrator accesses the cloud computing service Provider console, provides resources and access to users who use enterprise identity (for example, newco.com IT administrators provide virtual machines and VMS in the Amazon Flex Cloud and configure virtual machine operations such as Start, stop, suspend, and delete) Rights and certificates). Developers create accounts for their partner users on the PAAs platform (for example, newco.com developers provide accounts for contracted partnerco.com employees in force.com, while the latter performs newco.com business processes). End users use Access policy management capabilities to access storage services in the cloud, such as the Amazon Simple Storage service, and share files and objects with users within and outside the domain. Applications within cloud computing services providers, such as the Amazon Resilient computing cloud, access storage through other cloud computing services such as Mosso. Because IAM like SSO allows the application to materialize the authentication feature, which enables the enterprise to quickly adopt the *aas service (Salesforce.com is an example) to reduce the time of business integration with the service provider. The IAM functionality can also help organizations outsource certain processes or services to their partners and reduce the impact on corporate privacy and security, for example, the employees of business partners who fulfill orders, who can use identity syndication to access real-time information stored in business applications and manage the product implementation process. In short, an extension of the IAM strategy, practice, and architecture enables organizations to extend user access management practices and processes in cloud computing. Therefore, the implementation of IAM institutions can quickly adopt cloud computing services, and maintain its security control efficiency and effectiveness. 1 2 3 next page >> view full-text Navigation 1th page: Why use IAM 2nd page: Iam Challenge and Definition page 3rd: IAM architecture and Practice original text: Cloud Computing Security and privacy: Identity joint Management (1) Return to network security home
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.