- Cloud Computing Basics
- Cloud Computing - Home
- Cloud Computing - Overview
- Cloud Computing - Evolution
- Cloud Computing - Characteristics
- Cloud Computing - Advantages
- Cloud Computing - Planning
- Cloud Computing - Technologies
- Cloud Computing - Architecture
- Cloud Computing - Infrastructure
- Cloud Deployment Models
- Public Cloud Model
- Private Cloud Model
- Hybrid Cloud Model
- Community Cloud Model
- Cloud Service Models
- Infrastructure Service
- Platform Service
- Software ervice
- Identity Service
- Network Service
- IaaS, PaaS, and SaaS
- Cloud Virtualization
- Cloud Computing Virtualization
- Server Virtualization
- Data Virtualization
- Software Virtualization
- Storage Virtualization
- Network Virtualization
- Linux Virtualization
- Cloud Advanced Concepts
- Cloud Computing - Management
- Cloud Computing - Data Storage
- Cloud Computing - Security
- Cloud Computing - Operation
- Cloud Computing - Applications
- Cloud Computing - Providers
- Cloud Computing - Challenges
- Cloud Computing - Mobile
- Google Cloud Platform
- Cloud Computing - Multitenancy
- Hypervisor Security
- Cloud Computing - Principles
- Security Architecture
- Fault Tolerance
- Cloud Computing - Resiliency
- Service Level Agreements
- Cloud Networking
- Server Consolidation
- Cloud Computing - Scaling
- Autoscaling vs Load Balancer
- Scalability and Elasticity
- Cloud Bursting vs Cloud Scaling
- Resource Pooling
- Load Balancing
- Security Threats in Implementation SaaS
- Cloud Computing - Data Center
- Cloud Computing - Aneka
- Cloud Computing - Rapid Elasticity
- Cloud Computing - Xaas
- Cloud Computing - DaaS
- Cloud Computing - CaaS
- Cloud Computing - Roots
- Cloud Hosting vs Web Hosting
- Colocation vs Cloud
- iCloud Drive vs Dropbox
- SAP vs Oracle Cloud
- Cloud Computing vs Data Science
- Cloud Integration Platform
- Onedrive and iCloud
- Private Cloud and On-premise
- What is Cloudcraft
- Bitbucket Cloud API
- Akamai vs Cloudflare
- AWS CloudWatch vs Datadog
- Cloud Burst
- Cloudflare vs CloudFront
- Elastic Cloud on Azure
- Cloud Useful Resources
- Cloud Computing - Quick Guide
- Cloud Computing - Useful Resources
- Cloud Computing - Discussion
Cloud Computing Identity as a Service (IDaaS)
Employees in a company require to login to system to perform various tasks. These systems may be based on local server or cloud based. Following are the problems that an employee might face:
Remembering different username and password combinations for accessing multiple servers.
If an employee leaves the company, it is required to ensure that each account of that user is disabled. This increases workload on IT staff.
To solve above problems, a new technique emerged which is known asIdentity-asa-Service (IDaaS).
IDaaS offers management of identity information as a digital entity. This identity can be used during electronic transactions.
Identity
Identityrefers to set of attributes associated with something to make it recognizable. All objects may have same attributes, but their identities cannot be the same. A unique identity is assigned through unique identification attribute.
There are severalidentity servicesthat are deployed to validate services such as validating web sites, transactions, transaction participants, client, etc. Identity-as-a-Service may include the following:
- Directory services
- Federated services
- Registration
- Authentication services
- Risk and event monitoring
- Single sign-on services
- Identity and profile management
Single Sign-On (SSO)
To solve the problem of using different username and password combinations for different servers, companies now employ Single Sign-On software, which allows the user to login only one time and manage the access to other systems.
SSOhas single authentication server, managing multiple accesses to other systems, as shown in the following diagram:
SSO Working
There are several implementations of SSO. Here, we discuss the common ones:
Following steps explain the working of Single Sign-On software:
User logs into the authentication server using a username and password.
The authentication server returns the user's ticket.
User sends the ticket to intranet server.
Intranet server sends the ticket to the authentication server.
Authentication server sends the user's security credentials for that server back to the intranet server.
If an employee leaves the company, then disabling the user account at the authentication server prohibits the user's access to all the systems.
Federated Identity Management (FIDM)
FIDMdescribes the technologies and protocols that enable a user to package security credentials across security domains. It usesSecurity Markup Language (SAML)to package a user's security credentials as shown in the following diagram:
OpenID
It offers users to login into multiple websites with single account. Google, Yahoo!, Flickr, MySpace, WordPress.com are some of the companies that support OpenID.
Benefits
- Increased site conversation rates
- Access to greater user profile content
- Fewer problems with lost passwords
- Ease of content integration into social networking sites