Classification of cloud identity management systems!

Nov 22, 2016, 09:49

elena peter


Identity management has always followed the IT revolution. That is why it has shown us different faces from time to time, and now it has finally moved to the cloud. This article is a small effort to explain these multiple faces of open source cloud identity management platforms.


Cloud identity as a service, as the name implies, refers to the management of identities in the cloud, external to the organizational boundaries and to the applications that use them. The whole process acts as third-party management of identity functions, including user lifecycle management and single sign-on.

Identity management has always been in step with the ongoing IT revolution. Initially there was only cluster computing, which was followed by grid and peer-to-peer systems, and now it has been entirely transformed into the cloud computing paradigm. Cloud identity management is itself a broad term whose features and services keep evolving. This continuous evolution brings out various cloud identity management solutions, and here we characterize them on the basis of their deployment architecture and functional behavior. This broad classification highlights their strengths, weaknesses and suitability for the cloud.

So let’s look at what options we have on the cloud to manage our identities.

Deployment-based classification:

This classification refers to the underlying architecture for the storage, management and flow of identity information. Isolated, centralized and federated identity management solutions are the examples in this category. Let's look at each of them in detail.

Isolated cloud IDMs:

In isolated cloud IDMs there is only a single server, which acts as both the service provider (SP) and the identity provider (IdP). This single server also stores all the identities and handles all user operations. There is no dependency on any third-party service for credential issuance and verification, which is why the model becomes unmanageable as the number of resources and services grows.

Centralized cloud IDMs:

In this kind of cloud identity management system there is a separate identity provider for the storage, issuance and management of identity data. The only difference between isolated IDMs and centralized IDMs is that the latter separates the functions of the IdP and the SP.

Federated cloud IDMs:

Federated cloud identity management is the realization of the federated identity management model. In this model, multiple enterprises can use the same identification information to gain access to all the networks within a particular group of trusted enterprises. This platform has received significant attention from businesses because its design allows cross-domain access for users without any need to create additional user accounts.
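As an added illustration that is not part of the original article, the following Python sketch models the federated case: the SP keeps a trust list of partner IdPs and accepts a signed assertion only from an IdP in that group, so a user authenticated at a partner enterprise gets access without a local account at the SP. The IdP names, shared keys and HMAC-based signing are constructed assumptions, standing in for a real federation protocol such as SAML or OIDC.

```python
import hashlib
import hmac
import json
import time

# Constructed example: keys the SP shares with each IdP in its trust group.
TRUSTED_IDPS = {
    "idp.alpha.example": b"alpha-shared-secret",
    "idp.beta.example": b"beta-shared-secret",
}


def issue_assertion(idp, key, subject, ttl=300, now=None):
    """IdP side: bind a subject to its issuer and sign the claims."""
    issued = int(now if now is not None else time.time())
    claims = {"iss": idp, "sub": subject, "exp": issued + ttl}
    payload = json.dumps(claims, sort_keys=True)
    sig = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}


def verify_assertion(assertion, trusted=TRUSTED_IDPS, now=None):
    """SP side: return the federated principal, or None if rejected.

    Rejects assertions from issuers outside the trust group, assertions
    whose signature does not match, and expired assertions.
    """
    claims = json.loads(assertion["payload"])
    key = trusted.get(claims.get("iss"))
    if key is None:
        return None  # issuer is not a member of the federation
    expected = hmac.new(key, assertion["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["sig"]):
        return None  # tampered or forged assertion
    if claims["exp"] <= (now if now is not None else time.time()):
        return None  # stale assertion
    # The SP never creates a local account; the principal is scoped by issuer.
    return f"{claims['sub']}@{claims['iss']}"


if __name__ == "__main__":
    token = issue_assertion("idp.alpha.example", TRUSTED_IDPS["idp.alpha.example"], "alice")
    print(verify_assertion(token))
```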

Feature-based classification of cloud IDMs:

This category includes anonymous and user-centric identity management systems. These systems are entirely independent of the underlying architecture; the emphasis is on the functionality of the identity management system, such as user centricity and anonymity.

User-Centric cloud based IDMs:

In this type of cloud identity management platform the user is part of every identity provisioning transaction. Cloud service consumers (CSCs) are responsible for the storage, management and retrieval of their personal identity information, and for every decision about exchanging their identity credentials with other trusted third-party entities such as cloud service providers (CSPs), IdPs or other users. From the privacy point of view, user-centric IDMs consider user preferences before disclosing identity information to SPs.

Anonymous cloud IDMs:

Anonymous identity management, as the name suggests, offers anonymity as a feature of an identity management system. Such a system keeps the entity (owner) secret from everyone else by assigning it an anonymous identity. This anonymous identity should be strong enough to make it hard to disclose the actual identity, since data inferred from it may be linked with other information and reused.