Identity Management for Cloud Computing

Abstract

AbstractCloud Computing is a technology which aims to provide on-demand scalable services over the Internet via Cloud vendors to multi-tenant organizations. Enterprises are interested to move their on-premises infrastructure into cloud computing. However they are still concerned about the security risks implied by the act of embedding their resources within the cloud computing environment.First, this research presents the fundamentals of Cloud Computing. Afterwards, the technical security aspects in Cloud Computing are classified from two perspectives: web applications security issues and virtualization security issues. Both security issues include the threats implied with their mitigation techniques, which consolidates the request to provide an adequate Identity and Management architecture for Cloud Computing.Further, this paper addresses the Identity and Access Management (IAM) security category of the Cloud Computing field, which includes the security requirements, the standards of interest and the current Identity and Access Management solutions.A trusted Identity and Access Management architecture for cloud services assumes establishing the list of the security requirements and using the suitable standards. The paper also relates an evaluation of the existing Identity Access Management solutions.KeywordsCloud Computingprivate Cloudpublic CloudsecurityIAMprovisioningauthenticationaccess controlidentity federationauditingSAMLWS-FederationLiberty AllianceShibbolethSPMLSCIMXACMLOAuth