
IDaaS interoperability

Identity as a Service provides an easy mechanism for integrating identity services into individual applications with minimal development effort, by allowing the identification logic and storage of an identity’s attributes to be maintained externally. 

IDaaS applications may be distinguished from other distributed security systems by their compliance with SOA standards, particularly when these services need to interoperate and be federated.

Therefore, cloud computing IDaaS applications must rely on a set of developing industry standards to provide interoperability. 

The following are among the more important of these services:

  • User-centric authentication: The OpenID and CardSpace specifications support this type of data object.
  • The XACML Policy Language: This is a general-purpose authorization policy language that allows a distributed ID system to write and enforce custom policy expressions. XACML can work with SAML; when SAML presents a request for ID authorization, XACML checks the ID request against its policies and either allows or denies the request.
  • The SPML Provisioning Language: This is an XML request/response language that is used to integrate and interoperate service provisioning requests. SPML is a standard of OASIS’s Provisioning Services Technical Committee (PSTC) that conforms to the SOA architecture.
  • The XDAS Audit System: The Distributed Audit Service provides accountability for users accessing a system, and the detection of security policy violations when attempts are made to access the system by unauthorized users or by users accessing the system in an unauthorized way.
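
The XACML item above describes a request being checked against policies and then allowed or denied. The following is an added illustration, not code from the original post: a simplified Python model of that evaluation (not the XACML XML syntax, and without the Indeterminate result), using deny-overrides combining and a deny-biased enforcement point. All attribute names, rule ids and policies are constructed for the example.

```python
# Added illustration: simplified model of XACML-style evaluation.
# Attribute names, rule ids and policies are constructed, not from a real system.
PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"

# Each rule has an effect and a target (attribute -> required value).
# A rule applies only when every target attribute matches the request.
POLICY = [
    {"id": "hr-read-records", "effect": PERMIT,
     "target": {"role": "hr-analyst", "resource": "employee-records",
                "action": "read"}},
    {"id": "block-unverified-idp", "effect": DENY,
     "target": {"idp_verified": "false"}},
    {"id": "no-contractor-export", "effect": DENY,
     "target": {"employment": "contractor", "action": "export"}},
]

def rule_decision(rule, request):
    """Return the rule's effect if its target matches, else NotApplicable."""
    for attr, wanted in rule["target"].items():
        if request.get(attr) != wanted:
            return NOT_APPLICABLE
    return rule["effect"]

def evaluate(policy, request):
    """Decision point: combine rule results with deny-overrides."""
    decisions = [rule_decision(r, request) for r in policy]
    if DENY in decisions:
        return DENY
    if PERMIT in decisions:
        return PERMIT
    return NOT_APPLICABLE

def enforce(policy, request):
    """Deny-biased enforcement: only an explicit Permit grants access."""
    return evaluate(policy, request) == PERMIT

def request_from_assertion(attributes, resource, action):
    """Build the request from identity attributes asserted by the IdP
    (for example a SAML attribute statement). Resource and action are set
    last so an asserted attribute of the same name cannot override them."""
    req = dict(attributes)
    req.update({"resource": resource, "action": action})
    return req
```

A request that matches no rule evaluates to NotApplicable, which the enforcement function treats as a refusal rather than an implicit allow.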


promoting open identity interchanges through policy standards that applications can use to enforce privacy as well as to allow privacy auditing. In 2009, this group released its Client Attribute Requirements Markup Language (CARML) and a set of IGF Privacy Constraints that forms the basis of the open source project called Aristotle (http://www.openliberty.org/wiki/index.php/ProjectAris), which has as its goal the creation of an API for identity interchange.

