Page 128 - How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind
MANAGEMENT STRATEGIES FOR THE CLOUD REVOLUTION
applications. The “federated” identity moves with the end user
as she changes applications so that she doesn’t have to supply
multiple user names and passwords. In effect, she logs in once
and gets access to all the applications that she needs without
having to do so again, regardless of whether the applications
are in the enterprise or in the cloud. Microsoft says that it can
do more than just enforce controls on end users as they cross
the company boundary and move out into its Azure cloud. It
can identify and authenticate users from other companies or
from the public at large. It can use identity management from
multiple directories, in addition to its own Active Directory,
and use multiple types of identity confirmation. Its Identity
Platform serves as a metadirectory for end user access control.
Microsoft’s approach allows the application to demand a certain
kind of unique identifier, a digital certificate, an Active
Directory name and title, or a Windows token. The system
retrieves that identifier, if it’s available, and submits it to the
application, which accepts or rejects it. Identity under this system
is “claims based,” or just a claimed identifier until the
application accepts it. Some firms, such as start-up Symplified in
Boulder, Colorado, say that they can also federate identity between
enterprise and cloud users, relying on directory sources.
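
The demand, retrieve, submit, accept-or-reject flow described above, as an added Python example that is not code from the book or from Microsoft. The directory contents, claim names and function names are hypothetical, and an HMAC with a shared key stands in for the issuer's signature on the claims.

```python
import base64, hashlib, hmac, json
from typing import List, Optional

# Constructed sample data: two directory sources behind one metadirectory.
DIRECTORIES = {
    "active_directory": {"alice": {"ad_name": "Alice Ng", "ad_title": "Controller"}},
    "partner_directory": {"bob": {"certificate_thumbprint": "PLACEHOLDER-THUMBPRINT"}},
}
ISSUER_KEY = b"constructed-demo-key"  # assumption: known to issuer and application only

def _sign(payload: bytes) -> str:
    mac = hmac.new(ISSUER_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()

def issue_token(user: str, demanded: List[str]) -> str:
    """Identity system: retrieve each demanded identifier if a directory has it."""
    claims = {"sub": user}
    for entries in DIRECTORIES.values():
        for claim_type, value in entries.get(user, {}).items():
            if claim_type in demanded:
                claims[claim_type] = value
    payload = json.dumps(claims, sort_keys=True).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload)

def accept(token: str, demanded: List[str]) -> Optional[dict]:
    """Application: the identifier stays a mere claim until these checks pass."""
    try:
        body, sig = token.split(".")
        payload = base64.urlsafe_b64decode(body)
    except ValueError:
        return None  # malformed token
    if not hmac.compare_digest(sig, _sign(payload)):
        return None  # altered, or not issued by the trusted identity system
    claims = json.loads(payload)
    if any(claim_type not in claims for claim_type in demanded):
        return None  # the demanded identifier was not available
    return claims
```

The application rejects both a token that lacks the identifier it demanded and one whose claims do not match the issuer's signature, so nothing the user supplies is trusted on its own.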

As this was being written, Fujitsu senior director Daniel
Lawson said that in early 2010, his firm will launch cloud
processing services at its Dallas, Texas, and Sunnyvale, California,
data centers. The Dallas center will be secure enough to meet
the PCI regulations. Fujitsu can do this by implementing
secure FTP setups that ensure that the data that is sent arrives at