Welcome!

@CloudExpo Authors: Elizabeth White, Liz McMillan, Matthew McKenna, AppNeta Blog, Dan Potter

Related Topics: @CloudExpo, Containers Expo Blog

@CloudExpo: Blog Post

Cloud Identity and Privacy

Harnessing the Identity Metasystem for Secure Cloud Services

Advances in Identity Management technologies will provide foundations for an "Identity Metasystem", providing the tools for securing information in a manner that greatly accelerates adoption of Cloud computing.

Secure Cloud Services

Typically conversations about Cloud Computing quickly lead to the perceived big roadblock holding back its adoption, data privacy and security.

Ask yourself how you would feel about having sensitive information, like your bank account or credit card details, stored "in the Cloud"? What does that even mean? Who owns and controls it? If the data resides on servers in the USA, can they be seized by the authorities?

As Eric Openshaw, U.S. Technology Leader at Deloittes highlights in his article 'Keeping Data Safe in the Cloud', these are the serious challenges that Cloud must answer before corporates and governments will leap on board, and it will require a combination of IT and services.

This means it is also a very fertile area for venture development. New technologies and processes that address these concerns will likely be very successful in the Cloud market.

For example the Esotera 'Cloud File System' that we profiled previously provides one essential ingredient, distributed encryption. What difference does it make if someone seizes a server if the data on it is only a useless fragment of the information, and it's encrypted?

Consultants firms provide audit services like SaS70, to ensure data-centre operations are suitably robust so that they can assure one aspect of information security, but technology is needed to guarantee its privacy through greater levels of granularity of features like this encryption.

Cloud Identity Metasystem

Although Cloud mainly refers to a type of software, it's also referred to in the context of the overall Internet, as "in the Cloud".

This means hosting applications with service providers like Amazon but this will also come to mean better data sharing between them by doing so. Plugging your app into the Cloud will mean engineering it to be better integrated with the Cloud, as well as using it for utility infrastructure.

A simple example is the hassles of having multiple usernames and passwords for each web site that you use, and how this can be addressed by using a single Internet username identity. The most popular standard that has emerged for this is OpenID, now used by millions.

This enables you to have a single username that works consistently across multiple web sites, eliminating this friction and is thus a great boon, but it's only the tip of the iceberg.

Kim Cameron, Microsoft's Identity guru, explains in his work how this technology trend will build out an "Identity Metasystem".  In his proposal for a common identity framework (30 page PDF) he talks about how their new technologies like Cardspaces will utilize OpenID to better connect theirs and other vendor applications, streamlining user access across all of them.

By doing this this will provide the technical features required to achieve the Information Assurance processes needed to certify Cloud services as being secure enough.

Matching these developments to government policy for their adoption will be the key to unlocking the floodgates. Kim writes in this paper how compliance with EU privacy laws can be achieved, and with the USA recently beginning their procedures to formalize recognition of them this is likely to act as a catalyst in accelerating levels of Cloud adoption.

Vendor profile: Cloud Identity

Insightfully named Cloud Identity is one vendor that offers this type of technology, and they highlight the key venture strategy to employ, namely that of identifying how corporate IT can leverage these advances to solve practical problems.

Cloud Identity provides software for automating user processes across multiple SaaS systems. Organizations employing temporary workers may have them use Salesforce and Webex for example, so they need to be automatically set up and removed from these accordingly.

With this software enterprises can leverage OpenID as a single identifier but control it according to corporate policies and integrate it with on-site Identity Management systems like Active Directory, providing for a secure 'bridge' from on-site to hosted applications.

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

@CloudExpo Stories
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
As companies gain momentum, the need to maintain high quality products can outstrip their development team’s bandwidth for QA. Building out a large QA team (whether in-house or outsourced) can slow down development and significantly increases costs. This eBook takes QA profiles from 5 companies who successfully scaled up production without building a large QA team and includes: What to consider when choosing CI/CD tools How culture and communication can make or break implementation
"When you think about the data center today, there's constant evolution, The evolution of the data center and the needs of the consumer of technology change, and they change constantly," stated Matt Kalmenson, VP of Sales, Service and Cloud Providers at Veeam Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is...
"We view the cloud not really as a specific technology but as a way of doing business and that way of doing business is transforming the way software, infrastructure and services are being delivered to business," explained Matthew Rosen, CEO and Director at Fusion, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Redis is not only the fastest database, but it is the most popular among the new wave of databases running in containers. Redis speeds up just about every data interaction between your users or operational systems. In his session at 19th Cloud Expo, Dave Nielsen, Developer Advocate, Redis Labs, will share the functions and data structures used to solve everyday use cases that are driving Redis' popularity.
Aspose.Total for .NET is the most complete package of all file format APIs for .NET as offered by Aspose. It empowers developers to create, edit, render, print and convert between a wide range of popular document formats within any .NET, C#, ASP.NET and VB.NET applications. Aspose compiles all .NET APIs on a daily basis to ensure that it contains the most up to date versions of each of Aspose .NET APIs. If a new .NET API or a new version of existing APIs is released during the subscription peri...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
To leverage Continuous Delivery, enterprises must consider impacts that span functional silos, as well as applications that touch older, slower moving components. Managing the many dependencies can cause slowdowns. See how to achieve continuous delivery in the enterprise.
SYS-CON Events announced today the Kubernetes and Google Container Engine Workshop, being held November 3, 2016, in conjunction with @DevOpsSummit at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA. This workshop led by Sebastian Scheele introduces participants to Kubernetes and Google Container Engine (GKE). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, students learn the key concepts and practices for deploying and maintainin...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
Security, data privacy, reliability, and regulatory compliance are critical factors when evaluating whether to move business applications from in-house, client-hosted environments to a cloud platform. Quality assurance plays a vital role in ensuring that the appropriate level of risk assessment, verification, and validation takes place to ensure business continuity during the migration to a new cloud platform.
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
UpGuard has become a member of the Center for Internet Security (CIS), and will continue to help businesses expand visibility into their cyber risk by providing hardening benchmarks to all customers. By incorporating these benchmarks, UpGuard's CSTAR solution builds on its lead in providing the most complete assessment of both internal and external cyber risk. CIS benchmarks are a widely accepted set of hardening guidelines that have been publicly available for years. Numerous solutions exist t...
Up until last year, enterprises that were looking into cloud services usually undertook a long-term pilot with one of the large cloud providers, running test and dev workloads in the cloud. With cloud’s transition to mainstream adoption in 2015, and with enterprises migrating more and more workloads into the cloud and in between public and private environments, the single-provider approach must be revisited. In his session at 18th Cloud Expo, Yoav Mor, multi-cloud solution evangelist at Cloudy...
Verizon Communications Inc. (NYSE, Nasdaq: VZ) and Yahoo! Inc. (Nasdaq: YHOO) have entered into a definitive agreement under which Verizon will acquire Yahoo's operating business for approximately $4.83 billion in cash, subject to customary closing adjustments. Yahoo informs, connects and entertains a global audience of more than 1 billion monthly active users** -- including 600 million monthly active mobile users*** through its search, communications and digital content products. Yahoo also co...
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.