How management of individual identities, their authentication, authorization, roles and privileges are implemented in secure cloud computing ?
In current cloud solutions, individuals merely have to pass one-factor-authentication, e.g. users in SaaS. The future way must be the expansion to two- or even three-factor-authentication to avoid harm if one of the factors surprisingly becomes broken.
The management of roles and privileges resembles that of non-cloud-computing.
From a security perspective cloud computing is totally different from on-premise computing. In effect one has transferred much of the access control to the cloud service provider. This, however, has not been reason for many cloud users to change their security approach.
With respect to identity management they continue to behave as Gunther Fahrnberger points out; in much the same way as they would behave on-premise. The choice of which assets to position in the cloud could possibly effect in rethinking identity management aspects.
As companies add more cloud services to their IT environments, the process of managing identities is getting more complex. When companies use cloud services -- services they don't control themselves -- they still must develop sound policies around role-based access. They still must grant rights to users who need information to get work done. And they must be able to automatically take away those privileges when people leave a company or change roles. On top of it all, companies using cloud services are also bound by any compliance rules that govern their identity and access management (IAM) initiatives.
Reference:
http://www.darkreading.com/identity-management-in-the-cloud/d/d-id/1140751
The following paper may be useful in this regard:
- Badges
- Science method