This presentation aims at: setting the context about Identity in the Cloud; discussing related identity management issues along with core requirements (coming from users and organisations); illustrating, from an HP Labs’ perspective, future possible models, approaches and IT infrastructures to handle Identity in the Cloud. The introduction of the presentation sets some background: it gives an overview of Cloud Computing and its implications, in terms of service provisioning, security, privacy and identity management. In particular it discusses the paradigm shift from a close & controlled approach (within enterprises) to potentially, on-the-fly composable and customisable services, in the Cloud. Use cases are introduced to illustrate “common” usage and management tasks involving Identity in the Cloud - from both user and organisational perspectives, including the implications of having to deal with Identity in composable and dynamic services. New emerging, related threats and risks are briefly discussed, such as the potential growth of bogus service providers, targeted attacks to the weakest points in the service provisioning chain and identity thefts. This will lead to a discussion of key requirements, determined by new interaction models and service-provisioning paradigms in the Cloud, including: control of identity flows and management of distributed user accounts; trust and reputation about service providers in the Cloud; identity assurance; transparency about security practices; privacy (including consent and revocation). I will then discuss current (categories of) identity management solutions and approaches that deal with aspects of Identity in the Cloud (such as identity federation, identity brokering, Identity 2.0, etc.), along with their pros and cons and failures to address some of the core requirements (such as assurance, trust and privacy control). The final part of this presentation challenges current assumptions and approaches and illustrates future directions, by presenting HP Labs’ medium and long–term vision about how the underlying Cloud infrastructure is going to evolve along with its implication in terms of Identity and Identity Management. This includes the paradigm shifts introduced by the usage of trusted virtualisation, remote attestation of platform capabilities (Trusted Computing Platforms) and identity-driven computational environment (coming from the cloud) that could run on local systems (e.g. at the user side); new emerging identity management models driven by identity-aware platforms and policy-driven delegation of credentials; the role that Security and Identity Analytics can play, by using modelling and simulation, to help organisations to evaluating and predicting the consequences of using services in the Cloud, based on assumptions made on the underlying identity management model and existing threats.

1. The Future of Identity in the Cloud: Requirements, Risks & Opportunities Marco Casassa Mont [email_address] HP Labs Systems Security Lab Bristol, UK EEMA e-Identity Conference, 2009

4. Cloud Service Layers Service Users Source: HP Labs, Automated Infrastructure Lab (AIL), Bristol, UK - Peter Toft Cloud Providers Service Providers Cloud Infrastructure Services ( IaaS ) Cloud Platform Services ( PaaS ) Cloud End-User Services ( SaaS ) Physical Infrastructure

5. Cloud Computing: Models Enterprise Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 Internal Cloud CRM Service … Service 3 Backup Service ILM Service Service Service Service Business Apps/Service Employee User … … … The Internet

11. Identity in the Cloud: Enterprise Case Enterprise Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 Internal Cloud CRM Service … Service 3 Backup Service ILM Service Service Service Service Business Apps/Service Employee … … … The Internet Identity & Credentials Identity & Credentials Identity & Credentials Identity & Credentials Identity & Credentials Identity & Credentials Identity & Credentials Authentication Authorization Audit Authentication Authorization Audit Authentication Authorization Audit Authentication Authorization Audit User Account Provisioning/ De-provisioning User Account Provisioning/ De-provisioning User Account Provisioning/ De-provisioning User Account Provisioning/ De-provisioning PII Data & Confidential Information PII Data & Confidential Information PII Data & Confidential Information PII Data & Confidential Information IAM Capabilities and Services Can be Outsourced in The Cloud …

14. Identity in the Cloud: Consumer Case Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 CRM Service Delivery Service Service 3 Backup Service ILM Service User … … … The Internet Identity & Credentials Identity & Credentials Identity & Credentials Authentication Authorization Audit Authentication Authorization Audit Authentication Authorization Audit User Account Provisioning/ De-provisioning User Account Provisioning/ De-provisioning User Account Provisioning/ De-provisioning PII Data & Confidential Information PII Data & Confidential Information PII Data & Confidential Information

18. Identity in the Cloud:Identity Proxy Approach Enterprise Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 Internal Cloud CRM Service … Service 3 Backup Service ILM Service Service Service Service Business Apps/Service Employee … … … The Internet Identity Proxy/Mediator

20. Identity in the Cloud: Federated Approach Enterprise Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 Internal Cloud CRM Service … Service 3 Backup Service ILM Service Service Service Service Business Apps/Service Employee … … … The Internet User Identity Provider (IdP) Identity Provider (IdP) Identity Provider (IdP) Identity Provider (IdP) Registration Registration

28. Trusted Infrastructure: Trusted Virtualized Platform Personal Environment Win/Lx/OSX Corporate Productivity OS Remote IT Mgmt Home Banking Corporate Production Environment OS E-Govt Intf. Corp. Soft Phone Trusted Hypervisor Secure Corporate (Government) Client Persona Personal Client Persona Trusted Corporate Client Appliance Trusted Personal Client Appliances online (banking, egovt) or local (ipod) Services managed from cloud HP Labs: Applying Trusted Computing to Virtualization Source: HP Labs, Systems Security Lab, Richard Brown

32. Identity Assurance Information Management Process, Operations and Controls Registration Identity information Maintenance Destruction Create Identity Verify Accept Accept Add Data Read Id Data Review Correct Audit/Usage Transparency Delete Archive Share Load from other Sites/IdPs/IDM systems Underlying IT System IDM Controls COBIT ISO27000 Physical

33. Identity Assurance: Stakeholders in the Cloud Enterprise Service Provider Service Provider Service Provider Cloud Provider #1 Internal Cloud Service Provider … Service Service Service Business Apps/Service Employee User Identity Provider (IdP) Cloud Provider #2 Service Provider Service Provider Service Provider Identity Provider (IdP) Circle of Trust

34. Identity Assurance in the Cloud Enterprise Service Provider Service Provider Service Provider Cloud Provider #1 Identity Provider (IdP) Cloud Provider #2 Service Provider Service Provider Service Provider Identity Provider (IdP) Circle of Trust Minimal Acceptable Assurance Information Compliance Checking IdP Assurance Information Match Assurance Report  Public  Private Service Providers Assurance Information Legend Identity Assurance Standards Assurance Information Enhance Trust

35. HP Labs Model-based Assurance Approach The model design process proceeds in four steps: 1. Categorize IT Controls/ Processes/Mechanisms needed for Assurance 2. Identify Measurable Aspects of these Controls - Performance Indicators - Correctness Tests 3. Build the Control Analysis Model 4. Use the model to monitor for changing conditions and to provide assurance reports Explicit and Automated Monitoring of IAM Processes and Controls based on Audits & Logs

36. Identity Assurance Model Identity Assurance Conceptual Model Representation of Model in Our Tool Evaluation of Model Against Audit Data and Logs  Assurance Reports

38. Organisations’ IT Security Challenges 02/08/10 Understand the Economics Construct Models Develop Policy (Trusted) IT infrastructure Risk, Assurance, Compliance Threats, Investments Decide & Deploy Technology HP Confidential validation regulation

41. Identity Analytics Applied to The Cloud Case #1 Current State 0.83 0.89 0.94 0.99 0.84 0.90 0.95 1 Effort Level 3480 1032 1134 3378 4512 2281 2230 Access Accuracy Approval Accuracy Productivity Cost IDM Provisioning Costs #Internally Managed Provisioning Activities (Internal Apps) # Externally Managed Provisioning Activities (Services in the Cloud) Case #2 Case #3 Case #4 Accuracy Measures 1 Cost Measures 0.5 10000 20000 30000 40000 33855 25753 17949 10403 11200 14300 17400 20500 High-Level Metrics Tailored to Target CIOs/CISOs & Strategic decision makers Low-Level Measures Tailored to Target Domain Experts Example: Predictions of Outsourcing of IAM Services to the Cloud # Hanging Accounts # Denied Good Accounts # Misconfigured Accounts Overall Approval Time Overall Deployment Time Bypassed Approval Step

42. Security & Identity Analytics Methodology 02/08/10 HP Confidential Scientific Approach based on Modelling & Simulation Information System Empirical Data/Knowledge Conceptual Modelling Formal Modelling Information System PP&T validation Design exploration economic analysis

44. Identity Data + Consent/Revocation Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 CRM Service Delivery Service Service 3 Backup Service ILM Service User … … … The Internet Identity Data & Credentials + Consent/Revocation Identity Data & Credentials + Consent/Revocation Identity Data & Credentials + Consent/Revocation

45. Consent and Revocation Lifecycle

46. EnCoRe: Explicit Management of Consent and Revocation Data Storage Service Office Apps On Demand CPUs Printing Service Cloud Provider #1 Cloud Provider #2 CRM Service … Service 3 Backup Service ILM Service User … … … The Internet EnCoRe Toolbox EnCoRe ToolBox EnCoRe ToolBox EnCoRe ToolBox EnCoRe ToolBox

47. EnCoRe: Explicit Management of Consent and Revocation

50. Thanks and Q&A Contact: Marco Casassa Mont, HP Labs, [email_address]

51. 02/08/10 HP Confidential