Identity and Securing Continuous Services in Discontinuous Infrastructure
Steve Coplan, Analyst




CLIENT EVENT: BOSTON, DECEMBER 1, 2010
The 451 Group

Analyzing the business of Enterprise IT Innovation

Unique Analysis of the Hosting, Managed Service, Third-Party Datacenter and Internet Infrastructure sectors

The Uptime Institute is the leading independent think tank and research body serving the global datacenter industry.
About

§ Longstanding member of the 451 analyst team

§ Startup experience at acquired security vendor

§ Expertise in M&A, networks

§ Only security analyst with a degree in Zulu




3 Client Event: Security |
Agenda

§ What do we mean by identity in the cloud?

§ Cloud security models from an IAM perspective

§ Security models and compliance

§ Cloud, security and identity in the cloud

§ The transition from identity in the cloud to cloud identity

§ What's the identity in the cloud opportunity?




The Intersection of Cloud and Identity
Enterprise identity
§ Authenticated employee
§ Group member
§ Provisioning Target
§ Role-defined
§ Authorization set

Cloud service providers
§ Customer
§ Service provisioning construct (revenue event)
§ Customer profile
§ Service contention priority
§ SLA input

Cloud can be a:
 ● Shared resource (customer, partner, employee)
 ● Private cloud
 ● Off-premise servers, storage, applications
 ● Hybrid

Cloud users can be:
 ● IT administrators buying cloud resources
 ● Enterprise users consuming SaaS applications
 ● Developers running applications/QA on PaaS
 ● Cloud service providers running a set of services for enterprises


Objective and Outcome-Oriented Security




Outcome:
§ Ensure everyone does what they are supposed to
§ Establish a normative set of behaviors around the transfer and consumption of information
   •   How to translate this outcome to a set of continuous services?

Objective:
§ Secure the infrastructure and IT operations
§ Keep out the bad guys
   •   How to translate this objective to a discontinuous infrastructure?




Defining Outcome-Oriented Security



§ Outcome-oriented security is contingent on a set of
   policy statements
§ Policy - A principle or rule to guide decisions and
   achieve rational outcome(s)
Central policy definition is great, but what about
  exceptions?
Policy is king, but a king in a constitutional
  monarchy
§ Business owners, application owners need delegation
   capabilities




Outcome-Oriented Security and Compliance



Growing overlap in spending, definitions and
  operations between compliance and policy
    § Need to drive automation of compliance processes leads to governance, e.g. access certification
    § Visibility is compliance’s greatest gift




Defining Outcome-Oriented Security

Questions remain:
    § How can we enforce stated policy?

A stated policy does not an enforced policy make

How do we define current state against stated outcome?
Visibility is only a precursor to enforcement
    § Where do trust, privacy and liability fit in?




What does this have to do with identity and the cloud?

Identity is important because:
§ Compliance requirements invoke identity attributes or definitions, access
   controls and authentication
§ Identity is the pivot construct in defining access controls for the cloud

   •   Need to know who you are to describe what you can/can’t do
§ Identity is a single control construct for multiple resources

   •   SSO functions as a normalized event stream for a user
   •   Cloud Hybridization, Desktop Virtualization, Device Proliferation escalate
       need for a consolidated identity and abstracted attributes




What does this have to do with identity and the cloud?

Identity in the cloud is important because:
§ Identity is the common point of reference for discontinuous infrastructure

§ Identity is a key parameter for making sense of visibility

§ "Who" is the first question from a business context and, by extension, policy




The new frontier



The Intersection of Cloud and Identity

Identity management vendors are from Mars
§ View identity as a middleware layer or service
§ View cloud, virtualization and mobile

Cloud service providers are from Venus
§ View identity as a platform component
§ View identity as a service enablement construct

Different understanding of the function of identity
§ Identity management vendors still dealing with technical challenges
   of portable identity
§ Cloud service providers see need for portable identity associated
   with portable image


  Need for a match.com broker?

Identity in the cloud: A maturity model




    Operational Portability
    Managed Portability (Infrastructure)
    Native Portability (Architecture)




From Identity In the Cloud to Cloud Identity: Maturity Model
Maturity stage: Operational Portability
  Customers: Enterprise (Identity providers); Service Providers (relying parties); SaaS providers; PaaS providers
  Technology Elements: SSO; Authentication; Federation (SAML, OpenID, OAuth, WS-Fed); Application Access Control
  Providers: Identity management vendors (Incumbents, venture-funded partners); Platform vendors
  Delivery Model: Hybrid: On-premise gateways; Federation gateways; Federation hubs

Maturity stage: Infrastructure (Managed Portability)
  Customers: Identity Providers; Cloud Service Providers; Identity as a Service Providers
  Technology Elements: Authorization (XACML); Provisioning/Governance; Cloud access gateways; Trust brokers; User privacy stores
  Providers: PaaS/SaaS Providers; Identity management vendors; Cloud service providers
  Delivery Model: From the cloud: Authentication, SSO, trust services; To the cloud: Provisioning; In the cloud: Directory in the cloud

Maturity stage: Architecture (Native Portability)
  Customers: Enterprise; Cloud service providers
  Technology Elements: Embedded middleware; Attribute sources; Attribute assurance; Trust brokers; Cloud federation
  Providers: Cloud service providers; PaaS providers; Identity Providers; Identity as a service vendors; Incumbents
  Delivery Model: In the cloud: service federation, image federation; Run-time authentication, authorization and provisioning




Cloud Identity: Characteristics




    Granularity               Automation   Security




Identity in the cloud: A tale of many markets




   Enterprise ID Extension
   Services (to, from, in the cloud)
   Transactional (Identity providers)




Identity in the cloud: Meta-issues




      Liability               Trust/Assurance   Value




From Identity In The Cloud to Cloud Identity: Requirements
Maturity stage: Portability
  Characteristics: Automation (+++); Security (+); Granularity (+/-)
  Affinities: Compliance Automation; Governance
  Meta-Issues: Liability (++); Trust/Assurance (++); Value (+)

Maturity stage: Infrastructure
  Characteristics: Automation (+++); Security (++); Granularity (+)
  Affinities: Policy Management; Information Management; Software Infrastructure as a Service
  Meta-Issues: Liability (++); Trust/Assurance (++); Value (++)

Maturity stage: Architecture
  Characteristics: Automation (++++); Security (++); Granularity (+++)
  Affinities: Service Enablement; Big Data
  Meta-Issues: Liability (+++); Trust/Assurance (+++); Value (+++)




Identity In the Cloud: Strategic But Also Lucrative?


Arms dealer
§ Incumbents transitioning from enterprise sales model
§ Architecture question still unresolved
§ Build or embed?

Services
To, from and for the cloud
§ Diversity of new players
§ New market segments open

Transactional Model
§ Consumerization of enterprise identity
§ Trust substrate
§ Tollgate model




Identity In the Cloud: Winners and Losers?

It’s how you play the game
End users
§ Getting automation, granularity right yields security

§ Sets the stage to answer the question “what could you
   do in the cloud”
Identity management vendors
§ Architectural issues, sales model major challenges

§ Their game to lose

Independent identity as a service/federation/authorization vendors
§ New markets, technology categories opening up


Identity In the Cloud: Winners and Losers?

It’s how you play the game
Platform vendors forge into the new frontier
§ VMware, Microsoft duke it out for end user tier

§ PaaS players make a development, embedded run-time play

Identity providers
§ If you build it, they come

§ Value contingent on required trust, attribute assurance
   for transaction
Cloud service providers
§ Associating a portable image with a portable identity

§ Unified cloud environment/integration provider


Identity In The Cloud

   •   Q&A

Thank You.
Questions? steve.coplan@the451group.com




From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

451 Research Client Event Nov 10

  • 1. Identity and Securing Continuous Services in Discontinuous Infrastructure Steve Coplan, Analyst CLIENT EVENT: BOSTON, DECEMBER 1, 2010
  • 2. The 451 Group Analyzing the business of Enterprise IT Innovation Unique Analysis of the Hosting, Managed Service, Third-Party Datacenter and Internet Infrastructure sectors The Uptime Institute is the leading independent think tank and research body serving the global datacenter industry.
  • 3. About § Longstanding member of the 451 analyst team § Startup experience at acquired security vendor § Expertise in M&A, networks § Only security analyst with a degree in Zulu 3 Client Event: Security |
  • 4. Agenda § What do we mean by identity in the cloud? § Cloud security models from an IAM perspective § Security models and compliance § Cloud, security and identity in the cloud § The transition from identity in the cloud to cloud identity § What's the identity in the cloud opportunity? 4 Client Event: Security |
  • 5. The Intersection of Cloud and Identity Enterprise identity: § Authenticated employee § Group member § Provisioning Target § Role-defined § Authorization set Cloud service providers: § Customer § Service provisioning construct (revenue event) § Customer profile § Service contention priority § SLA input Cloud can be a: ● Shared resource (customer, partner, employee) ● Private cloud ● Off-premise servers, storage, applications ● Hybrid Cloud users can be: ● IT administrators buying cloud resources ● Enterprise users consuming SaaS applications ● Developers running applications/QA on PaaS ● Cloud service providers running a set of services for enterprises 5 Client Event: Security |
  • 6. Objective and Outcome-Oriented Security Outcome: § Ensure everyone does what they are supposed to § Establish a normative set of behaviors around the transfer and consumption of information • How to translate this outcome to a set of continuous services? Objective: § Secure the infrastructure and IT operations § Keep out the bad guys • How to translate this objective to a discontinuous infrastructure? 6 Client Event: Security |
  • 7. Defining Outcome-Oriented Security § Outcome-oriented security is contingent on a set of policy statements § Policy - A principle or rule to guide decisions and achieve rational outcome(s) Central policy definition is great, but what about exceptions? Policy is king, but a king in a constitutional monarchy § Business owners, application owners need delegation capabilities 7 Client Event: Security |
  • 8. Outcome-Oriented Security and Compliance Growing overlap in spending, definitions and operations between compliance and policy § Need to drive automation of compliance processes leads to governance, eg access certification § Visibility is compliance’s greatest gift 8 8 Client Event: Security |
  • 9. Defining Outcome-Oriented Security Questions remain: § How can we enforce stated policy? A stated policy does not an enforced policy make How do we define current state against stated outcome? Visibility is only a precursor to enforcement § Where does trust, privacy and liability fit in? 9 9 Client Event: Security |
  • 10. What does this have to do with identity and the cloud? Identity is important because: § Compliance requirements invoke identity attributes or definitions, access controls and authentication § Identity pivot construct in defining access controls for the cloud • Need to know who you are to describe what you can/can’t do § Identity single control construct for multiple resources • SSO functions as a normalized event stream for a user • Cloud Hybridization, Desktop Virtualization, Device Proliferation escalate need for a consolidated identity and abstracted attributes 10 Client Event: Security |
  • 11. What does this have to do with identity and the cloud? Identity in the cloud is important because: § Identity is the common point of reference for discontinuous infrastructure § Identity is a key parameter for making sense of visibility § Who is the first question from a business context and by extension policy 11 Client Event: Security |
  • 12. The new frontier 12 Client Event: Security |
  • 13. The Intersection of Cloud and Identity Identity management Cloud service providers vendors are from Venus are from Mars § View identity as a platform § View identity as a middleware component layer or service § View identity as a service § View cloud, virtualization and enablement construct mobile Different understanding of the function of identity § Identity management vendors still dealing with technical challenges of portable identity § Cloud service providers see need for portable identity associated with portable image Need for a match.com broker? 13 Client Event: Security |
  • 14. Identity in the cloud: A maturity model Managed Operational Native Portability portability Portability (Architecture) (Infrastructure) 14 Client Event: Security |
  • 15. From Identity In the Cloud to Cloud Identity: Maturity Model Maturity stage Customers Technology Elements Providers Delivery Model Operational Enterprise SSO Identity management Hybrid: On-premise gateways Portability (Identity providers) Authentication vendors (Incumbents, Federation gateways Service Providers venture-funded partners) Federation (SAML, Federation hubs (relying parties) OpenID, OAuth, WS-Fed) Platform vendors SaaS providers Application Access Paas Providers Control Infrastructure Identity Providers Authorization (XACML Paas/SaaS Providers From the cloud Authentication, (Managed Cloud Service Providers Provisioning/Governance Identity management SSO, trust services Portability) Identity as a Service Cloud access gateways vendors To the cloud Providers Trust brokers Cloud service providers Provisioning User privacy stores In the cloud: Directory in the cloud Architecture Enterprise Embedded middleware Cloud service providers In the cloud -service federation, Cloud service providers Attribute sources PaaS providers image federation (Native Attribute assurance Identity Providers Run-time authentication, Portability) authorization and provisioning Trust brokers Identity as a service Cloud federation vendors Incumbents 15 Client Event: Security |
  • 16. Cloud Identity: Characteristics Granularity Automation Security 16 Client Event: Security |
  • 17. Identity in the cloud: A tale of many markets Enterprise ID Services Transactional Extension (to, from, in the cloud) (Identity providers) 17 Client Event: Security |
  • 18. Identity in the cloud: Meta-issues Liability Trust/Assurance Value 18 Client Event: Security |
  • 19. From Identity In The Cloud to Cloud Identity: Requirements (columns: Maturity stage; Characteristics; Affinities; Meta-Issues) Portability: Characteristics: Automation (+++), Security (+), Granularity (+/-); Affinities: Compliance Automation, Governance; Meta-Issues: Liability (++), Trust/Assurance (++), Value (+). Infrastructure: Characteristics: Automation (+++), Security (++), Granularity (+); Affinities: Policy Management, Information Management, Software Infrastructure as a Service; Meta-Issues: Liability (++), Trust/Assurance (++), Value (++). Architecture: Characteristics: Automation (++++), Security (++), Granularity (+++); Affinities: Service Enablement, Big Data; Meta-Issues: Liability (+++), Trust/Assurance (+++), Value (+++). 19 Client Event: Security |
  • 20. Identity In the Cloud: Strategic But Also Lucrative? Arms dealer: § Incumbents transitioning from enterprise sales model § Architecture question still open § Build or embed? Services: To, from and for the cloud § Diversity of new players § New market segments Transactional Model: § Consumerization of enterprise identity § Trust substrate unresolved § Tollgate model 20 Client Event: Security |
  • 21. Identity In the Cloud: Winners and Losers? It’s how you play the game End users § Getting automation, granularity right yields security § Sets the stage to answer the question “what could you do in the cloud” Identity management vendors § Architectural issues, sales model major challenges § Their game to lose Independent identity as a service/federation/authorization vendors § New markets, technology categories opening up 21 Client Event: Security |
  • 22. Identity In the Cloud: Winners and Losers? It’s how you play the game Platform vendors forge into the new frontier § VMWare, Microsoft duke it out for end user tier § PaaS players make a development, embedded run-time play Identity providers § If you build it, they come § Value contingent on required trust, attribute assurance for transaction Cloud service providers § Associating a portable image with a portable identity § Unified cloud environment/integration provider 22 Client Event: Security |
  • 23. Identity In The Cloud • Q&A Q&A 23 Client Event: Security |
  • 24. Identity In The Cloud • Q&A Thank You. Questions? steve.coplan@the451group.com 24 Client Event: Security |