Identity management with multiple cloud providers
With multiple cloud providers, possibly including private clouds and internal IT, how do you make this manageable for the user?
How can you create a single user name that can be used across all these services? Ideally, the user needs to log in only once. This is often called ‘single sign-on’ or SSO.
The big picture answer is OpenID. Cloud services and applications should be separated from the management of identities such as user names. A cloud service needs to be a so-called ‘Relying Party’ that relies on an ‘Identity Provider’ for checking the user’s credentials. The standard for this is OpenID. It is a little like Active Directory from Microsoft, except that OpenID works through web services, and allows multiple Identity Providers to co-exist easily.
One of the nice features is that the application does not have to know the password for the user.
You can see it in action on http://www.livejournal.com/identity/login.bml?type=openid for example.
I am in the process of adding this as a feature to this site, because I do not want to force my subscribers into another account.
Try it out for yourself, and let me know what your experiences are.
From the perspective of the application owner, one of the risks is that the Identity Provider will go out of business. There are a number of mitigation strategies for that, but that might be the topic of another post.
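The Relying Party / Identity Provider split described above, as an added sketch (not code from this site or from any OpenID library): a simplified, in-process model of an OpenID 2.0 positive assertion in which only the Identity Provider handles the password, and the Relying Party checks the HMAC signature, the return URL and a replay nonce. All names, URLs and the sample user are constructed; discovery and the association handshake are replaced by a pre-shared key, and the nonce format is simplified.

```python
import base64, hashlib, hmac, secrets

# Constructed demo values; the shared MAC key stands in for an OpenID association.
MAC_KEY, ASSOC_HANDLE = secrets.token_bytes(32), "demo-assoc-1"
OP_ENDPOINT = "https://idp.example/openid"
REQUIRED = ("op_endpoint", "return_to", "response_nonce", "assoc_handle",
            "claimed_id", "identity")
SALT = secrets.token_bytes(16)

def _pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

IDP_USERS = {"https://alice.idp.example/": _pw_hash("correct horse")}  # IdP only
_seen_nonces = set()                                                    # RP only

def _sign(fields, keys):
    # Key-value form: one "key:value\n" line per signed field, in listed order.
    msg = "".join(f"{k}:{fields['openid.' + k]}\n" for k in keys)
    mac = hmac.new(MAC_KEY, msg.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(mac).decode("ascii")

def idp_assert(identity, password, return_to):
    """Identity Provider: checks the password, returns a signed assertion."""
    stored = IDP_USERS.get(identity)
    if stored is None or not hmac.compare_digest(stored, _pw_hash(password)):
        return None
    a = {"openid.mode": "id_res", "openid.op_endpoint": OP_ENDPOINT,
         "openid.claimed_id": identity, "openid.identity": identity,
         "openid.return_to": return_to, "openid.assoc_handle": ASSOC_HANDLE,
         "openid.response_nonce": secrets.token_hex(16),
         "openid.signed": ",".join(REQUIRED)}
    a["openid.sig"] = _sign(a, REQUIRED)
    return a

def rp_verify(a, expected_return_to):
    """Relying Party: returns the verified identifier or None; sees no password."""
    keys = a.get("openid.signed", "").split(",")
    if (a.get("openid.mode") != "id_res" or not set(REQUIRED) <= set(keys)
            or any("openid." + k not in a for k in keys)
            or a["openid.return_to"] != expected_return_to
            or a["openid.assoc_handle"] != ASSOC_HANDLE):
        return None
    sig = a.get("openid.sig", "").encode()
    if not hmac.compare_digest(_sign(a, keys).encode(), sig):
        return None
    nonce = a["openid.response_nonce"]
    if nonce in _seen_nonces:             # replayed assertion
        return None
    _seen_nonces.add(nonce)
    return a["openid.claimed_id"]
```

The assertion passed to `rp_verify` contains an identifier and a signature but no credential, which is why the application never needs to store or see the user's password.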