Identity in a Cloud
As the Cloud Computing phenomena catches on, the management of Identity becomes even more critical. Consider the simplest use case – A typical consumer is trying to buy a eBook and store it some online storage SaaS provider. The diagram shows the typical flow for this consumer. How can this person link all their accounts using the same identity so that it is easy for them to manage.
Ideally they would have Single Sign On between these disparate providers. Ok, if they do that, how are they convinced that their identity is protected.
This is becoming an important question in the SaaS world. However, does this translate to large enterprises also?
I run the Identity Management program at Sony Pictures Entertainment and am faced with this issue. We have over 400 internal systems (custom web apps, client server apps, packaged apps (SAP, PeopleSoft and several others), mainframe apps – everything u can imagine!!). 50 or so out of these are integrated into our Identity Management program for Single or Simple Sign on. Last few months we have started working with several SaaS vendors for HR, Time & Expense, Facilities management and others… We are mandating that they are all integrated into Identity Management.
The lack of Identity standards and the fact that all these SaaS vendors have implemented their authentication and authorization layers differently, is causing a lot of challenges in our integration. I for one, would like to see this mature as a key enabling factor for enterprises to start adopting SaaS / Cloud Computing.
