Archive for the ‘Platform as a Service (PaaS)’ Category

Private Cloud Identity Management Considerations

Sunday, February 20th, 2011

The most natural evolution for many enterprises in their migration from traditional enterprise IT to a cloud model is the Private Cloud. One of the significant advantages of a private cloud model is the level of control and the level of security that it can offer IT organizations over their own cloud infrastructure. Traditional Enterprise IdM relies on tight integration and heavy customization. The cloud’s model of sharing resources makes tight coupling a non-starter.

The cloud model instead needs an identity management infrastructure with the following characteristics:

  1. Service Oriented – so that applications can take advantage of reusable shared components supported by your IT organization using SaaS (Software as a Service).
  2. Standard Oriented – so that your services can work seamlessly with other applications on premise and off premise (SAML, SPML, XACML, OpenID, etc.).
  3. Loosely Coupled – so that you can build and deploy services by leveraging existing ones using PaaS (Platform as a Service).
  4. Interoperable – so that it works seamlessly with your traditional infrastructure without introducing any deployment risks using IaaS (Infrastructure as a Service).

In a private cloud, your IT has to worry about sustaining compliance and keeping compliance costs down. In a public cloud, on the other hand, service providers have a significantly higher bar when it comes to compliance. Audit standards like SAS 70 are applicable to public cloud service providers. Sustainable compliance demands automation. So technologies like Identity and Access Governance are necessary to meet the complex demands of compliance such as attestation and access governance.

Self Service is also critical in private cloud scenarios. Self service can keep administrative overhead costs down. Delegated Administration is also necessary in private clouds so that central IT can delegate control of identity management for departments to departmental owners. Technologies like Identity Administration can help with self-service provisioning, password reset, and enforcing delegated administration.

Questions? Feel free to reach out to us at IDMWorks.

Cloud Layering through IaaS, PaaS & SaaS

Friday, February 18th, 2011

We have beaten the Public vs. Private Cloud advantages subject to death here on this blog.

So today’s subject will be an explanation of the various layers of Cloud offerings available.

A cloud-based offering can be provided at different levels and with different service models.

1) Infrastructure as a Service (IaaS) – A very basic, low-level infrastructure of servers with operating systems can be provided; Amazon EC2 is probably the most widely known example.

2) Platform as a Service (PaaS) – Offering more structure and composable components gives us “Platform as a Service” such as the Google App Engine or Salesforce’s Force.com.

3) Software as a Service (SaaS) – The highest level offering is a full application, “Software as a Service” such as Oracle’s “On Demand” offerings or Salesforce.com.

But be warned: the higher the level of the cloud offering, the less the “customer” of the cloud has to do or build, but the more constrained he is. It’s a trade-off between effort and flexibility.

Furthermore, as you move from IaaS to PaaS and finally SaaS, you get fewer controls and less visibility into what the service provider offers. Many Service Providers may not implement standards, which can make interoperability and integration challenging.
