Identity in the Cloud (ID-Cloud) Towards standardizing Cloud Identity

1. www.oasis-open.org Identity in the Cloud (ID-Cloud)Towards standardizing Cloud Identity

2. Cloud Identity Management TC works to address Identity Management challenges related to Cloud Computing Cloud Identity Management is considered a top security concern Identity Management is not completely solved at Enterprise level Standards are evolving Cloud is a new paradigm, so the same problems in new packaging

3. What is it we do? 3 Main objectives: Identifying detailed Use Cases Identity deployment, provisioning and management in a cloud context Define Interoperability Profiles for Identity in the Cloud Profiles will be based on use and combinations of existing standards, protocols and formats Gap Analysis of existing Identity Management standards and protocols when applied in the context of Cloud Based on Use Cases and Interoperability Profiles Feed analysis back to the WG responsible for a standard

4. What is it we do? Other objectives: Glossary on Cloud Identity Harmonized set of definitions, terminologies and vocabulary on Identity in the context of Cloud Do not re-invent the wheel Build on existing standards and specifications Strong liaison relationships with other international working groups ITU-T, Cloud Security Alliance

5. How serious are we about this? Our Technical Committee chairs are: Anil Saldhana (Red Hat) Tony Nadalin (Microsoft) Amongst the member of the Technical Committee are: Red Hat, IBM, Microsoft, CA Technologies, Cisco Systems, SAP, EBay, Novell, Ping Identity, Safe Net, Symantec, Boeing Corp, US DOD, Verisign, Akamai, Alfresco, Citrix, Cap Gemini, Google, Rackspace, Axciom, Huawei, Symplified, Thales, Conformity, Skyworth TTG, MIT, Jericho Systems, PrimeKey, Aveksa, Mellanox, Vanguard Integrity Professionals, NZ Govt ...

6. Current Status Three stages: Use Case formalization (ETA: May/June ’11) Defining the Interoperability Profiles for Identity in the Cloud (ETA: December ’11) Gap Analysis of existing Identity Management Standards

7. Details on Use Cases Received 35 Use Cases of Identity Management in the Cloud Structure of Use Cases: Description / user story Goal / Desired outcome Categories covered Applicable Deployment Models Actors Systems Notable Services Dependencies Assumptions Process Flow

8. Details on Use Cases Categorizations: Authentication Single Sign On (SSO) Multi factor Authentication Infrastructure Identity Establishment General Identity Management Infrastructure IdM Federated IdM Authorization Account & Attribute Management Account & Attribute Provisioning Security Tokens Audit & Compliance

9. Details on Use Cases Applicable Deployment and Service Models: Deployment Models: Private Public Community Hybrid Service Models: SaaS PaaS IaaS Other

10. Details on Use Cases High Ranked Use Cases: Managing Identities at all levels in the Cloud Need for Federated Single Sign On across multiple environments Enterprise to Cloud SSO Auditing Multi-factor Authentication for Privileged User Access

11. Resources OASIS Technical Committee Homepage http://www.oasis-open.org/committees/id-cloud/ OASIS Technical Committee Wiki http://wiki.oasis-open.org/id-cloud/FrontPage Wiki Page with links to member submissions http://wiki.oasis-open.org/id-cloud/MemberSubmissions Gershon.Janssen@gmail.com www.gershonjanssen.com