Skip to main content

IDaaS interoperability

Identity as a Service provides an easy mechanism for integrating identity services into individual applications with minimal development effort, by allowing the identification logic and storage of an identity’s attributes to be maintained externally. 

IDaaS applications may be separated from other distributed security systems by their compliance with SOA standards particularly if you want to have these services interoperate and be federated.

Therefore, cloud computing IDaaS applications must rely on a set of developing industry standards to provide interoperability. 

The following are among the more important of these services:

  • User centric authentication : The OpenID and CardSpace specifications support this type of data object.
  • The XACML Policy Language: This is a general-purpose authorization policy language that allows a distributed ID system to write and enforce custom policy expressions. XACML can work with SAML; when SAML presents a request for ID authorization, XACML checks the ID request against its policies and either allows or denies the request.
  • The SPML Provisioning Language: This is an XML request/response language that is used to integrate and interoperate service provisioning requests. SPML is a standard of OASIS’s Provision Services Technical Committee (PSTC) that conforms to the SOA architecture.
  • The XDAS Audit System: The Distributed Audit Service provides accountability for users accessing a system, and the detection of security policy violations when attempts are made to access the system by unauthorized users or by users accessing the system in an unauthorized way.


promoting open identity interchanges through policy standards that applications can use to enforce privacy as well as to allow privacy auditing. In 2009, this group released its Client Attribute Requirements Markup Language (CARML) and a set of IGF Privacy Constraints that forms the basis of the open source project called Aristotle (http://www.openliberty.org/wiki/index.php/ ProjectAris), which has as its goal the creation of an API for identity interchange.


Labels:

Comments

Post a Comment

Popular posts from this blog

2.1 VIRTUAL MACHINES PROVISIONING AND MANAGEABILITY

In this section, we will have an overview on the typical life cycle of VM and its major possible states of operation, which make the management and automation of VMs in virtual and cloud environments easier than in traditional computing environments As shown in Figure above, the cycle starts by a request delivered to the IT department, stating the requirement for creating a new server for a particular service.  IT administration to start seeing the servers’ resource pool, matching these resources with the requirements, and starting the provision of the needed virtual machine.  Once provisioned machine started, it is ready to provide the required service according to an SLA, or a time period after which the virtual is being released.
Post a Comment
Read more

2.2 VIRTUAL MACHINE MIGRATION SERVICES

Migration service, in the context of virtual machines, is the process of moving a virtual machine from one host server or storage location to another; there are different techniques of VM migration, hot/life migration, cold/regular migration, and live storage migration of a virtual machine. In process of migration, all key machines’ components, such as CPU, storage disks, networking, and memory, are completely virtualized, thereby facilitating the entire state of a virtual machine to be captured by a set of easily moved data files. 2.2.1. Migrations Techniques Live Migration and High Availability Live migration (which is also called hot or real-time migration) can be defined as the movement of a virtual machine from one physical host to another while being powered on.  Live migration process takes place without any noticeable effect from the end user’s point of view (a matter of milliseconds).  One of the most significant advantages of live migration is the fact that it facili...
Post a Comment
Read more

Open SaaS and SOA

A considerable amount of SaaS software is based on open source software.  When open source software is used in a SaaS,  it referred to as Open SaaS.  The advantages of using open source software are that systems are much cheaper to deploy because you don’t have to purchase the operating system or software, there is less vendor lock-in, and applications are more portable.  The popularity of open source software, from Linux to APACHE, MySQL, and Perl (the LAMP platform) on the Internet, and the number of people who are trained in open source software make Open SaaS an attractive proposition.  The impact of Open SaaS will likely translate into better profitability for the companies that deploy open source software in the cloud, resulting in lower development costs and more robust solutions. SOA (Service-Oriented Architecture): SOA is an architectural approach for designing and developing software systems that are composed of loosely coupled services.  In an SO...
Post a Comment
Read more