Identity and Access Management (IAM) in the Cloud
Name
Institution
Course
Instructor
Date
Identity and Access Management (IAM) in the Cloud
“Cloud computing is the provision of computational resources on demand via a computer network” (Emam, 2013). Most organizations are adopting cloud computing technology because of its virtualized aspect. Additionally, cloud computing has multiple benefits, include providing unlimited storage for large volumes of data. Organizations that have adopted cloud computing use distributed resources through a network in an open environment. Therefore, security is a critical concept to consider when developing a cloud computing environment. Some of the security issues associated with cloud computing include access control, application security, and authentication.
Like in other systems, security in cloud computing is all about ensuring that the entities and individuals that access data are authorized to. Identity and access management (IAM) has become a critical tool in business that have shifted their operations to the cloud. IAM plays a significant role in promoting cloud security. “Identity and access management (IAM) is perhaps the most important set of security controls” (Dotson, n.d). IAM promotes security in cloud computing systems through authentication, authorization, and provisioning of storage services. However, various challenges have to be addressed for IAM to be efficient.
One of the primary challenges in cloud services is identity provisioning. Identity provisioning involves the secure and timely management of users coming and leaving the cloud. When a user’s is successfully authenticated to use cloud services, a particular part of resources, including storage and network bandwidth are allocated. The resources are made available based on the capacity even when no user is logged on. Cloud architects pre-determine the scale ratios to which resources will be available; therefore, when there are many users logged on, performance can be affected. There need to be measures to ensure that resources are always available for specific objectives so that they cannot go unused when no users are logged on.
To build a provisioning model for cloud IAM that gives users optimum experience, cloud architects have to consider various factor, including the average users that will have access to the cloud. Another thing to consider is the average resources needed per user. Architects need to evaluate the scalability requirements needed for a given like six months to a year. Additionally, it is vital to evaluate the infrastructure that will adequately meet these scalability requirements. Lastly, cloud architects need to answer the critical question of whether a single username can allow several logos because this aspect can affect capacity planning.
There is also a challenge in managing identity across a chain of independent organizations; however, technological advancement is solving it. Organizations have solved this problem by creating multiple logon ids and multiple passwords. However, this can risk the organization’s systems since there are chances users sharing passwords. Federation identity management can be used to minimize the challenges that independent organizations face in using cloud services. “Federation identity management has significant benefits to organizations, particularly those who are in the beginning stages on an IAM program or those are currently or switching to cloud or SaaS-based applications” (Kressin, 2019). Federation simplifies the authentication process, thus improving overall users experience in cloud computing. Additionally, federation ensures that information is not shared with external applications, thus reducing the risk of threats.
References
Emam, A. H. M. (2013). Additional authentication and authorization using registered email-ID
for cloud computing. International Journal of Soft Computing and Engineering, 3(2),
110-113.Retrieved from:
https://pdfs.semanticscholar.org/e7bb/c44c2191c08140fa6938bd1d287ac8e77761.pdf
Dotson, C. (n.d.). Practical Cloud Security. Retrieved February 10, 2020, from
https://www.oreilly.com/library/view/practical-cloud-security/9781492037507/ch04.html
Kressin, J. (2019). Federated Identity Management: A Logical First Step in the IAM Maturity
Model. Identityautomation.Com. https://blog.identityautomation.com/federated-identity
management-a-logical-first-step-in-the-iam-maturity-model