Skip to main content

IDaaS interoperability

Identity as a Service provides an easy mechanism for integrating identity services into individual applications with minimal development effort, by allowing the identification logic and storage of an identity’s attributes to be maintained externally. 

IDaaS applications may be separated from other distributed security systems by their compliance with SOA standards particularly if you want to have these services interoperate and be federated.

Therefore, cloud computing IDaaS applications must rely on a set of developing industry standards to provide interoperability. 

The following are among the more important of these services:

  • User centric authentication : The OpenID and CardSpace specifications support this type of data object.
  • The XACML Policy Language: This is a general-purpose authorization policy language that allows a distributed ID system to write and enforce custom policy expressions. XACML can work with SAML; when SAML presents a request for ID authorization, XACML checks the ID request against its policies and either allows or denies the request.
  • The SPML Provisioning Language: This is an XML request/response language that is used to integrate and interoperate service provisioning requests. SPML is a standard of OASIS’s Provision Services Technical Committee (PSTC) that conforms to the SOA architecture.
  • The XDAS Audit System: The Distributed Audit Service provides accountability for users accessing a system, and the detection of security policy violations when attempts are made to access the system by unauthorized users or by users accessing the system in an unauthorized way.


promoting open identity interchanges through policy standards that applications can use to enforce privacy as well as to allow privacy auditing. In 2009, this group released its Client Attribute Requirements Markup Language (CARML) and a set of IGF Privacy Constraints that forms the basis of the open source project called Aristotle (http://www.openliberty.org/wiki/index.php/ ProjectAris), which has as its goal the creation of an API for identity interchange.


Labels:

Comments

Post a Comment

Popular posts from this blog

2.1 VIRTUAL MACHINES PROVISIONING AND MANAGEABILITY

In this section, we will have an overview on the typical life cycle of VM and its major possible states of operation, which make the management and automation of VMs in virtual and cloud environments easier than in traditional computing environments As shown in Figure above, the cycle starts by a request delivered to the IT department, stating the requirement for creating a new server for a particular service.  IT administration to start seeing the servers’ resource pool, matching these resources with the requirements, and starting the provision of the needed virtual machine.  Once provisioned machine started, it is ready to provide the required service according to an SLA, or a time period after which the virtual is being released.
Post a Comment
Read more

1.2 ROOTS OF CLOUD COMPUTING

We can track the roots of clouds computing by observing the advancement of several technologies, especially in hardware (virtualization, multi-core chips), Internet technologies (Web services, service-oriented architectures, Web 2.0), distributed computing (clusters, grids), and systems management (autonomic computing, data center automation).  Below Figure shows the convergence of technology fields that significantly advanced and contributed to the advent of cloud computing. . We present a closer look at the technologies that form the base of cloud computing, with the aim of providing a clearer picture of the cloud ecosystem as a whole. 1.2.1 From Mainframes to Clouds 1.2.2 SOA, Web Services, Web 2.0, and Mashups 1.2.3 Grid Computing 1.2.4 Utility Computing 1.2.5 Hardware Virtualization 1.2.6 Virtual Appliances and the Open Virtualization Format 1.2.7 Autonomic Computing ______ Cloud computing has its roots in several technologies and developments, including virtualization, gr...
Post a Comment
Read more

2.1.1 VM Provisioning Process

  Steps to Provision VM. Here, we describe the common and normal steps of provisioning a virtual server: Firstly, you need to select a server from a pool of available servers (physical servers with enough capacity) along with the appropriate OS template you need to provision the virtual machine. Secondly, you need to load the appropriate software (operating system you selected in the previous step, device drivers, middleware, and theneeded applications for the service required). Thirdly, you need to customize and configure the machine (e.g., IP address, Gateway) to configure an associated network and storage resources. Finally, the virtual server is ready to start with its newly loaded software. These are the tasks required or being performed by an IT or a data center’s specialist to provision a particular virtual machine.
Post a Comment
Read more