Identity-based security and the cloud

Grazed from GigaOM. Author: David Linthicum.

The rise of cloud computing has led to the reassessment of how both cloud and non-cloud systems approach security. Considering the complex and distributed nature of cloud-based platforms, security approaches that leverage identity are the best fit. This will require a fundamental shift in thinking — and in technology.

There are many players in the field of identity and access management (IAM) ranging from the old guard of Oracle, CA, and IBM to newer players that are built specifically for the cloud. However, the movement to identity-based solutions is not as easy as the technology providers describe. While it’s fairly straightforward to build new approaches to security in new applications that reside on the cloud, the harder aspect of IAM is to extend this security model to the traditional enterprise, so the entire environment is secure. Security should be consistent and systemic, which is lacking in most traditional enterprise systems. This security problem needs to be solved before moving to the cloud…

In this report we’ll look at the concept of IAM, as related to the emerging use of cloud, and in the context of traditional enterprises that are adopting the cloud. We’ll consider changes that need to happen, best practices, new concepts (such as centralized trust), and solutions that IT buyers should consider right now…

Read more from the source @ http://research.gigaom.com/report/identity-based-security-and-the-cloud/