Welcome!

Cloud Expo Authors: Jeremy Geelan, Liz McMillan, Elad Yoran, Kevin Nikkhoo, RealWire News Distribution

Related Topics: Cloud Expo, Virtualization

Cloud Expo: Blog Post

Cloud Identity and Privacy

Harnessing the Identity Metasystem for Secure Cloud Services

Advances in Identity Management technologies will provide foundations for an "Identity Metasystem", providing the tools for securing information in a manner that greatly accelerates adoption of Cloud computing.

Secure Cloud Services

Typically conversations about Cloud Computing quickly lead to the perceived big roadblock holding back its adoption, data privacy and security.

Ask yourself how you would feel about having sensitive information, like your bank account or credit card details, stored "in the Cloud"? What does that even mean? Who owns and controls it? If the data resides on servers in the USA, can they be seized by the authorities?

As Eric Openshaw, U.S. Technology Leader at Deloittes highlights in his article 'Keeping Data Safe in the Cloud', these are the serious challenges that Cloud must answer before corporates and governments will leap on board, and it will require a combination of IT and services.

This means it is also a very fertile area for venture development. New technologies and processes that address these concerns will likely be very successful in the Cloud market.

For example the Esotera 'Cloud File System' that we profiled previously provides one essential ingredient, distributed encryption. What difference does it make if someone seizes a server if the data on it is only a useless fragment of the information, and it's encrypted?

Consultants firms provide audit services like SaS70, to ensure data-centre operations are suitably robust so that they can assure one aspect of information security, but technology is needed to guarantee its privacy through greater levels of granularity of features like this encryption.

Cloud Identity Metasystem

Although Cloud mainly refers to a type of software, it's also referred to in the context of the overall Internet, as "in the Cloud".

This means hosting applications with service providers like Amazon but this will also come to mean better data sharing between them by doing so. Plugging your app into the Cloud will mean engineering it to be better integrated with the Cloud, as well as using it for utility infrastructure.

A simple example is the hassles of having multiple usernames and passwords for each web site that you use, and how this can be addressed by using a single Internet username identity. The most popular standard that has emerged for this is OpenID, now used by millions.

This enables you to have a single username that works consistently across multiple web sites, eliminating this friction and is thus a great boon, but it's only the tip of the iceberg.

Kim Cameron, Microsoft's Identity guru, explains in his work how this technology trend will build out an "Identity Metasystem".  In his proposal for a common identity framework (30 page PDF) he talks about how their new technologies like Cardspaces will utilize OpenID to better connect theirs and other vendor applications, streamlining user access across all of them.

By doing this this will provide the technical features required to achieve the Information Assurance processes needed to certify Cloud services as being secure enough.

Matching these developments to government policy for their adoption will be the key to unlocking the floodgates. Kim writes in this paper how compliance with EU privacy laws can be achieved, and with the USA recently beginning their procedures to formalize recognition of them this is likely to act as a catalyst in accelerating levels of Cloud adoption.

Vendor profile: Cloud Identity

Insightfully named Cloud Identity is one vendor that offers this type of technology, and they highlight the key venture strategy to employ, namely that of identifying how corporate IT can leverage these advances to solve practical problems.

Cloud Identity provides software for automating user processes across multiple SaaS systems. Organizations employing temporary workers may have them use Salesforce and Webex for example, so they need to be automatically set up and removed from these accordingly.

With this software enterprises can leverage OpenID as a single identifier but control it according to corporate policies and integrate it with on-site Identity Management systems like Active Directory, providing for a secure 'bridge' from on-site to hosted applications.

More Stories By Cloud Ventures

The Cloud Ventures Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

Cloud Expo Breaking News
New, "Super-Sized" 4-Day Cloud Computing Bootcamp is a brief introduction to cloud computing carefully created and devised to help you keep up with evolving trends like Big Data, PaaS, APIs, Mobile, Social and Data Analytics. Solutions built around these topics require a sound cloud computing infrastructure to be successful while assisting customers harvest real benefits from this transformational change that is happening in the IT ecosystem.
The world’s first vendor neutral marketplace for IaaS (Infrastructure as a Service) cloud computing is being built. This marketplace fills the current gap in the value chain by offering standardized products and by addressing the needs of providers and consumers of cloud computing resources. Zimory is the technical partner for the settlement process of this project. In his session at 12th Cloud Expo | Cloud Expo New York [June 10-13, 2013], Zimory CEO Rüdiger Baumann session will introduce th...
Companies around the world are moving into on-premise private cloud environments. Many connect their private cloud to their public cloud service providers. In his session at 12th Cloud Expo | Cloud Expo New York [June 10-13], Brian Patrick Donaghy will talk about examples of what worked, what failed and why we should think about this evolution.
Enterprise cloud adoption revolves around pushing the BYOD movement and focusing on data security. In his session at the 12th International Cloud Expo, Ross Brouse, COO and President of Solar VPS, will cover how cloud adoption is driven by consumerism, humanity’s need to socialize, our addiction to new gadgets and the ability of data to stay secure in a growing collaborative world. The cloud is a drug and we’re just getting hooked. Ross Brouse is the COO and President of Solar VPS. He is a tr...
Enterprises can't close their doors just because integration tools won't cope with the volume of information that their systems produce. As each day goes by, their information will become larger and more complicated, and enterprises must constantly struggle to manage the integration of dozens (or hundreds) of systems. Apache Hadoop has quickly become the technology of choice for enterprises that need to perform complex analysis of petabytes of data, but few are aware of its potential to hand...
Companies around the world are collecting massive amounts of data everyday that’s sitting around and not being utilized. Take for example the fact that companies collect demographic and location-based data via mobile devices all the time, but have to figure out how to monetize that data. In this session, Joyent CTO and founder Jason Hoffman will examine the state of Big Data, taking a look at what we're doing now to discussing what's on the horizon, as companies prepare and realign their busines...
Planning scalable environments isn't terribly difficult, but it does require a change of perspective. During this session we'll broaden our views to think on an Internet Scale by dissecting a video publishing application built with The SoftLayer Platform, Message Queuing, Object Storage, and Drupal. By examining a scalable modular application build that can handle unpredictable traffic, you'll be able to grow your development arsenal and pick up a few strategies to apply to your own projects.
Learn about the complex regulations surrounding HIPAA compliance and other considerations for running sensitive data in the Cloud. In their session at the 12th International Cloud Expo, Ken Ziegler, CEO of Logicworks, and Frank Nydam, Director of Healthcare Solutions at VMware, will discuss the best practices for leveraging virtualization and cloud technologies without sacrificing security or compliance. Care providers, State and Federal entities, integrators and SaaS providers large and small...
Backup, Recovery, and Archiving (BURA) are critical elements for IT to address. BURA solutions need to address a broad spectrum of needs including data protection, regulatory compliance, and business continuity. Today's cloud based solutions can enable customers to procure and consume BURA as a service supported by EMC's latest technologies. At the end of Rich Place's session at 12th Cloud Expo | Cloud Expo New York [June 10-13, 2013], you will be able to: 1. Gain a full understanding of Backup,...
A recent study by analyst firm IDC reports that in 2012, 1.7 million cloud computing-related roles across the globe could not be filled due to the lack of training, certification and experience in the applicant pool. As the global demand for cloud and big data expertise increases, employers are finding it difficult to recruit talent, which is slowing down the ability for organizations to adopt, implement, and realize benefits from innovative platforms like OpenStack. In this session join Clo...