Over a million developers have joined DZone.

Projecting Identity to the Cloud

· Cloud Zone

Download the Essential Cloud Buyer’s Guide to learn important factors to consider before selecting a provider as well as buying criteria to help you make the best decision for your infrastructure needs, brought to you in partnership with Internap.

I'm on the other side of the world, working with partners and customers this week on some pretty exciting stuff, so my colleague Isabelle Mauny will be ably giving the presentation on Single Sign-On to Cloud Services over in New York at the Cloud Expo.

So what is the reason for Single Sign-On to Cloud services? It's all part of "Bring Your Own Identity" (BYOI). BYOI is a major trend for Cloud services. Witness the many "Log in with Facebook" and "Log in with Google" buttons on sites like TripIt. In the enterprise, it's about "Identity Projection" where users log in as usual (e.g. with Active Directory, or to a corporate portal) and then are seamlessly logged into Cloud-based services such as a corporate Google Mail account. This means projecting your corporate identity up to the Cloud service. It's "Bring Your Own Corporate Identity". And Single Sign-On is what enables this.

The most obvious benefit of this is that is saves the user the hassle of keying in another password. That is a good benefit, but there are a lot more:

- As Nik Cubrilovic put it in his detailed treatise on the "The Anatomy Of The Twitter Attack", "Bad human habit #1: Using the same passwords everywhere. We are all guilty of it." If you ask users to log in to multiple services in order to get their work done, they will most likely use the same password everywhere. This provides an attacker with a "find once, use anywhere" approach to passwords. But if Single Sign-On is used, no password is ever sent up to the Cloud service. This is all part of the trend to minimize password use, for good reasons.

- It is costly to manage all those passwords. Over the years, it has been proven that password resets cost a lot of money. They waste productivity (users can't get to the information they need for their work), and tie up IT helpdesk people. As mentioned in the point above, in the Cloud world all those password resets create a security threat.

- Agility. The word is over-used, but in the case of Single Sign-on to the Cloud, it means that new Cloud-based services can be brought on-stream for employees (TripIt for travel management is a good example), without having to provision all those employees with new passwords.

I think that this "Projection of identity to the Cloud" is going to be an important topic going forward. The session is at 3.15pm on Wednesday June 8th at the Javits Center.

The Cloud Zone is brought to you in partnership with Internap. Read Bare-Metal Cloud 101 to learn about bare-metal cloud and how it has emerged as a way to complement virtualized services.

Topics:

Published at DZone with permission of Mark O'Neill, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}