SlideShare a Scribd company logo

How Cloud Providers' Business Needs Drive Enterprise Identity & Security

Novell
Novell

Follow the Money: How Cloud Providers' Business Needs Drive Enterprise Identity & Security Kuppinger Cole + Partner European Identity Conference 2010 Dale Olds, Distinguished Engineer, Cloud Security Services www.intelligentworkloadmanagement.com www.novell.com/feeds/cloudchasers

Business
1 of 30
Download to read offline
Follow the Money How Cloud Providers' Business Needs Drive Enterprise Identity & Security Kuppinger Cole + Partner European Identity Conference 2010 Dale Olds, Distinguished Engineer, Cloud Security Services dolds@novell.com https://virtualsoul.org
Agenda • Identify business drivers behind the shifting landscape of enterprise IT, SaaS vendors, and cloud providers • Anticipate resulting trends and their implications for security and identity systems • Put it all together with some recommendations 2 © Novell, Inc. All rights reserved.
The Shifting Landscape of Enterprise IT, SaaS Vendors, and Cloud Providers
A Series of Shifts in the IT Landscape • Mainframe to mini computing – For example, the Digital Equipment Corporation Programmed Data Processors such as the PDP-11 • Mini and mainframes to PCs and Macs • Workgroup networks and NetWare • Open Source: Linux, Apache, etc. • Cloud computing and SaaS • In all of these cases, the driving force was departmental autonomy pulling in products and services under the enterprise IT radar 4 © Novell, Inc. All rights reserved.
The Players: Enterprises, SaaS Vendors, Hosters/Cloud Providers SaaS Enterprise Vendors Host enterprise applications, Pre-Cloud Reduce IT costs, Increase reliability ISPs IaaS PaaS Hosters Cloud Providers 5 © Novell, Inc. All rights reserved.
Motivations for the Shift to the Cloud •Easy to try, and use deep domain expertise •Low commitment, no cap-ex, departments need no IT approval SaaS Enterprise Vendors •Outsource compute/storage/net to focus on domain expertise •Elasticity and the rest of Cloud Goodness ISPs Hosters IaaS PaaS •Value added services, incremental revenue gains 6 © Novell, Inc. All rights reserved. •More automation, virtualization, lower costs
What Enterprises, SaaS vendors, and Cloud Providers Want Now • Enterprises want: – Easy and simple to try, use, and discard – Deep domain expertise, more easily accessed expertise – No commitments, no cap-ex, no IT dept approval, etc. • SaaS Vendors want: – Security and reduced risks for their customers – reduced liability – Focus on core competencies and domain expertise – Increase and retain customers by building community around their application • Cloud Providers want: – Customer retention – stickiness – Value added services up the stack – incremental revenue – Lower administration and management costs – automation 7 © Novell, Inc. All rights reserved.
Current Trends and Traps
Three Trends Affecting Cloud Evolution & Enterprise Security 1.Identity-based security is increasing in importance ● Cloud services are pushing enterprises to emphasize identity- based security rather than network security 2.SaaS and IaaS are converging on PaaS ● Infrastructure providers are moving up stack and applications need to be extensible... converging on platform services, including identity services. 3.Cloud providers are increasingly offering identity services – and becoming identity providers ● Identity services provide much needed security, and stickiness. ● Application marketplaces are growing around identity hubs 9 © Novell, Inc. All rights reserved.
Trend 1: Identity-based Security is Increasingly Required
Identity-based Security Cloud services are pushing enterprises to emphasize identity-based security rather than network security – information security rather than network security. Network security services like SSL connections, firewalls, edge security devices are insufficient when accessing Cloud services. “It could be that moving even more stuff to the cloud is what will cause the debates, design and actions to build in identity, claim, tokens, policies and related security services. You can't hide behind a facade of 'network security' when there is no network.” From Gunnar Peterson, 1raindrop.typepad.com Separating identity sources from applications that securely use identity information is essential – the identity provider model 11 © Novell, Inc. All rights reserved.
Authentication Methods Supported by SaaS Applications •SAML2 was the most common authentication method supported of the methods tested with ¼ of SaaS Providers supporting, but another ¼ indicated supporting other authentication methods not listed. •1/3 of respondents were not aware of the specific authentication methods supported by their SaaS application. 12 © Novell, Inc. All rights reserved.
Security Capabilities Customers Are Asking SaaS Providers About • Audit tracking, Single sign-on and Provisioning of users were the three main security capabilities customers are asking SaaS providers about; about ½ of SaaS providers indicated customers asked them about these capabilities. 13 © Novell, Inc. All rights reserved.
Trap: Don't Be Lulled by Exclusive Focus on Authentication and SSO • Externalized authentication and the identity provider model is essential, urgent, and solvable now – it's the lowest hanging fruit • BUT externalized authentication is just the first step and is not sufficient for security in the cloud – There are huge benefits of less identification – more externalized authorization. > See “Identity Crisis” by Jim Harper – Claims, policies – Transparency, audit, compliance • Externalized authentication is the means to an end 14 © Novell, Inc. All rights reserved.
Trend 2: SaaS and IaaS are Converging on PaaS
SaaS and IaaS => PaaS Extensibility, Pivotlink, Salesforce, Netsuite, Taleo, Customizability, Software as a Service SuccessFactors. etc. Community Apps are secured by vendors Common services e.g. Google App Engine, force.com, Azure. billing, identity, load balancing, elasticity of Platform as a Service storage and compute, etc. GoGrid, Amazon EC2, Value added Opsource, etc. services, billing, Infrastructure as a Service Machine images are SLAs secured by vendors 16 © Novell, Inc. All rights reserved.
Security Responsibilities Full application stack and infrastructure is secured Software as a Service by vendors – customer handles data in and out ? Platform as a Service Who is responsible for securing the application here? Machine images are Infrastructure as a Service secured by vendors, everything else is up to customer – no guarantees about running code, etc. 17 © Novell, Inc. All rights reserved.
Trap: Don't Assume PaaS Security is like SaaS or IaaS • Security responsibilities on PaaS applications are not so clearly delineated • IaaS security responsibilities end at the virtual machine boundary – customer is responsible for security of all code above the hypervisor – http://www.voiptechchat.com/voip/457/amazon-ec2-sip-brute-force-attacks-on-rise/ • SaaS security responsibility is entire application code stack • PaaS contains some customer code and some cloud provider code • Know your security responsibilities 18 © Novell, Inc. All rights reserved.
Trend 3: Cloud Providers Are Adding Identity Services
Cloud Providers as Identity Providers • Cloud providers are increasingly offering federated identity services – and becoming identity providers • Identity providers in the sense of a federation hub and optionally user accounts • Identity services provide much needed security, and stickiness. If ... Cloud operators want to woo mature enterprise customers to use their services, they are leaving money on the table and not fulfilling customer needs by failing to roll out complimentary security capabilities which lessen the compliance and security burdens of their prospective customers. From Chris Hoff, www.rationalsurvivability.com/blog 20 © Novell, Inc. All rights reserved.
Primary Type of Hosting Environment SaaS Applications Use •Third Party dedicated hosting was the most common hosting environment used by 38%, but followed closely by the use of own internal servers by 35%. 28% indicated using Cloud hosting through an IaaS provider. •All three show significant levels of usage by SaaS Providers. 21 © Novell, Inc. All rights reserved.
SaaS Provider Preferred Method to Offer Security Capabilities to Customers •1/3 of SaaS Providers prefer to build the requested security capabilities in- house … but 1/3 above were also unaware of their authentication methods. •¼ indicated they would prefer to OEM from a third party vendor and another ¼ indicated they would prefer to source as part of their hosting environment. 22 © Novell, Inc. All rights reserved.
Cloud Providers and the Opportunity of a SaaS Marketplace • Beyond providing common identity services to their SaaS customers, Cloud Providers benefit directly – Needed stickiness – Incremental revenue • Explosive growth is possible with network effects of multiple SaaS vendors – User account (or federation broker) is the hub – Possible integration of other services • Ultimately SLAs come from the cloud provider – Including identity as an integration service on that foundation is key to producing a platform 23 © Novell, Inc. All rights reserved.
Examples • Google Apps Marketplace – Common accounts via Google Apps – Federated to applications with OpenID • Force.com – Common accounts via Salesforce.com – Federated with SAML • Opsource – Billing for SaaS vendors – And as of last week, stronger SLAs > http://www.opsource.net/press/opsource-sets-new-sla-standard-cloud-computing-guarantees-cloud-reliability-perfo • Possible marketplace providers: Telcos, hosters 24 © Novell, Inc. All rights reserved.
Traps: Cloud Provider Services vs SaaS & IDaaS Point Solutions • Identity as a Service vendors – Exist between the enterprise and the SaaS vendor > Passport model – see Kim's Law of Justifiable Parties – Here now and not going away but may conflict with cloud providers growing tendency to be the identity provider • Departmental adoption vs. identity provider operating on behalf of the enterprise – Market forces lead to cloud providers with common identity services hubs – But there are disjoint management boundaries between departmental adoption of SaaS and enterprise identity providers 25 © Novell, Inc. All rights reserved.
Putting it all Together with Recommendations
Summary • Identity provider model is essential for cloud computing • Increasing need for identity-based security in addition to network security • SaaS and IaaS are moving toward PaaS, with undefined security responsibilities • Identity services offered by cloud providers make sense • SaaS marketplaces provide advantages to SaaS vendors, cloud providers – and enterprises 27 © Novell, Inc. All rights reserved.
Recommendations • There are many excellent standards that support the identity provider model – SAML, WS-Fed, OpenID, information cards – and shipping products that implement them. Use them. them • Make your security needs known to your SaaS vendors, hosters, cloud providers • Look for the rise of SaaS application stores built around a cloud provider hub with common identity and security infrastructure. They are a good idea. • Beware of the interplay between departmental use of Cloud services and IT control of the Identity Provider. – If you're an enterprise, it's politics. – If you're a cloud provider or identity services vendor, we still have technology design and standards work to do. 28 © Novell, Inc. All rights reserved.
Thank you
How Cloud Providers' Business Needs Drive Enterprise Identity & Security

Recommended

Alice(SaaS Platform) Brochure
Alice(SaaS Platform) BrochureAlice(SaaS Platform) Brochure
Alice(SaaS Platform) Brochure
Ekartha Inc
 
Business and Online Services - Ben Kepes
Business and Online Services - Ben KepesBusiness and Online Services - Ben Kepes
Business and Online Services - Ben Kepes
Intergen
 
Meta soft corporate profile
Meta soft corporate profileMeta soft corporate profile
Meta soft corporate profile
MetasoftSolutionsPvtLtd
 
Going to the Cloud
Going to the Cloud Going to the Cloud
Going to the Cloud
José Ferreiro
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
ikanow
 
Building and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and InfrastructureBuilding and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and Infrastructure
Darren Cunningham
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Novell
 
Contrast cbt cloud computing - v.2
Contrast cbt cloud computing - v.2Contrast cbt cloud computing - v.2
Contrast cbt cloud computing - v.2
contrastcbt
 

Recommended

Alice(SaaS Platform) Brochure
Alice(SaaS Platform) BrochureAlice(SaaS Platform) Brochure
Alice(SaaS Platform) Brochure
Ekartha Inc
 
Business and Online Services - Ben Kepes
Business and Online Services - Ben KepesBusiness and Online Services - Ben Kepes
Business and Online Services - Ben Kepes
Intergen
 
Meta soft corporate profile
Meta soft corporate profileMeta soft corporate profile
Meta soft corporate profile
MetasoftSolutionsPvtLtd
 
Going to the Cloud
Going to the Cloud Going to the Cloud
Going to the Cloud
José Ferreiro
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
ikanow
 
Building and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and InfrastructureBuilding and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and Infrastructure
Darren Cunningham
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Novell
 
Contrast cbt cloud computing - v.2
Contrast cbt cloud computing - v.2Contrast cbt cloud computing - v.2
Contrast cbt cloud computing - v.2
contrastcbt
 
Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs Elite
Jon G. Hall
 
Enterprise Private Cloud Computing
Enterprise Private Cloud ComputingEnterprise Private Cloud Computing
Enterprise Private Cloud Computing
Cisco Canada
 
Smart Clouds for Smart Companies
Smart Clouds for Smart CompaniesSmart Clouds for Smart Companies
Smart Clouds for Smart Companies
Peter Coffee
 
Cloud Computing Webinar
Cloud Computing WebinarCloud Computing Webinar
Cloud Computing Webinar
Saif Ahmad
 
2010 Software Licensing and Pricing Survey Results and 2011 Predictions
2010 Software Licensing and Pricing Survey Results and 2011 Predictions2010 Software Licensing and Pricing Survey Results and 2011 Predictions
2010 Software Licensing and Pricing Survey Results and 2011 Predictions
Flexera
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - Chandna
Asheem Chandna
 
What is behind the cloud
What is behind the cloudWhat is behind the cloud
What is behind the cloud
Joseph Remesar
 
Cloud Tools for Connected Communities
Cloud Tools for Connected CommunitiesCloud Tools for Connected Communities
Cloud Tools for Connected Communities
Peter Coffee
 
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
Web2Present
 
Public, Private and Hybrid: For Enterprise, It's All About the Cloud
Public, Private and Hybrid: For Enterprise, It's All About the CloudPublic, Private and Hybrid: For Enterprise, It's All About the Cloud
Public, Private and Hybrid: For Enterprise, It's All About the Cloud
OpSource
 
Cloud marketplaces will open standards makes dreams of profitability a realit...
Cloud marketplaces will open standards makes dreams of profitability a realit...Cloud marketplaces will open standards makes dreams of profitability a realit...
Cloud marketplaces will open standards makes dreams of profitability a realit...
Khazret Sapenov
 
SugarCON partner presentation by IBM
SugarCON partner presentation by IBMSugarCON partner presentation by IBM
SugarCON partner presentation by IBM
Bevdewitt
 
Security in a Cloudy Architecture
Security in a Cloudy ArchitectureSecurity in a Cloudy Architecture
Security in a Cloudy Architecture
Bob Rhubart
 
The Cloud Concierge
The Cloud ConciergeThe Cloud Concierge
The Cloud Concierge
Bob Rhubart
 
Rackforce the cloud
Rackforce the cloudRackforce the cloud
Rackforce the cloud
sdeconf
 
MPLS 2010: Network Enabled Cloud and Service Models
MPLS 2010: Network Enabled Cloud and Service ModelsMPLS 2010: Network Enabled Cloud and Service Models
MPLS 2010: Network Enabled Cloud and Service Models
Cisco Service Provider
 
Having the Cloud Conversation: Why the Business Architect Should Care
Having the Cloud Conversation: Why the Business Architect Should CareHaving the Cloud Conversation: Why the Business Architect Should Care
Having the Cloud Conversation: Why the Business Architect Should Care
Peter Coffee
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
Internap
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
HKISPA
 
Securing Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceSecuring Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security Service
Novell
 
Cloud Computing For Enterprises
Cloud Computing For EnterprisesCloud Computing For Enterprises
Cloud Computing For Enterprises
One App Cloud
 

More Related Content

What's hot

Cloud Computing Webinar
Cloud Computing WebinarCloud Computing Webinar
Cloud Computing Webinar
Saif Ahmad
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - Chandna
Asheem Chandna
 
Public, Private and Hybrid: For Enterprise, It's All About the Cloud
Public, Private and Hybrid: For Enterprise, It's All About the CloudPublic, Private and Hybrid: For Enterprise, It's All About the Cloud
Public, Private and Hybrid: For Enterprise, It's All About the Cloud
OpSource
 
Cloud marketplaces will open standards makes dreams of profitability a realit...
Cloud marketplaces will open standards makes dreams of profitability a realit...Cloud marketplaces will open standards makes dreams of profitability a realit...
Cloud marketplaces will open standards makes dreams of profitability a realit...
Khazret Sapenov
 
MPLS 2010: Network Enabled Cloud and Service Models
MPLS 2010: Network Enabled Cloud and Service ModelsMPLS 2010: Network Enabled Cloud and Service Models
MPLS 2010: Network Enabled Cloud and Service Models
Cisco Service Provider
 
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
HKISPA
 

What's hot (20)

Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs Elite
 
Enterprise Private Cloud Computing
Enterprise Private Cloud ComputingEnterprise Private Cloud Computing
Enterprise Private Cloud Computing
 
Smart Clouds for Smart Companies
Smart Clouds for Smart CompaniesSmart Clouds for Smart Companies
Smart Clouds for Smart Companies
 
Cloud Computing Webinar
Cloud Computing WebinarCloud Computing Webinar
Cloud Computing Webinar
 
2010 Software Licensing and Pricing Survey Results and 2011 Predictions
2010 Software Licensing and Pricing Survey Results and 2011 Predictions2010 Software Licensing and Pricing Survey Results and 2011 Predictions
2010 Software Licensing and Pricing Survey Results and 2011 Predictions
 
Cloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - ChandnaCloud Computing - Jan 2011 - Chandna
Cloud Computing - Jan 2011 - Chandna
 
What is behind the cloud
What is behind the cloudWhat is behind the cloud
What is behind the cloud
 
Cloud Tools for Connected Communities
Cloud Tools for Connected CommunitiesCloud Tools for Connected Communities
Cloud Tools for Connected Communities
 
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
 
Public, Private and Hybrid: For Enterprise, It's All About the Cloud
Public, Private and Hybrid: For Enterprise, It's All About the CloudPublic, Private and Hybrid: For Enterprise, It's All About the Cloud
Public, Private and Hybrid: For Enterprise, It's All About the Cloud
 
Cloud marketplaces will open standards makes dreams of profitability a realit...
Cloud marketplaces will open standards makes dreams of profitability a realit...Cloud marketplaces will open standards makes dreams of profitability a realit...
Cloud marketplaces will open standards makes dreams of profitability a realit...
 
SugarCON partner presentation by IBM
SugarCON partner presentation by IBMSugarCON partner presentation by IBM
SugarCON partner presentation by IBM
 
Security in a Cloudy Architecture
Security in a Cloudy ArchitectureSecurity in a Cloudy Architecture
Security in a Cloudy Architecture
 
The Cloud Concierge
The Cloud ConciergeThe Cloud Concierge
The Cloud Concierge
 
Rackforce the cloud
Rackforce the cloudRackforce the cloud
Rackforce the cloud
 
MPLS 2010: Network Enabled Cloud and Service Models
MPLS 2010: Network Enabled Cloud and Service ModelsMPLS 2010: Network Enabled Cloud and Service Models
MPLS 2010: Network Enabled Cloud and Service Models
 
Having the Cloud Conversation: Why the Business Architect Should Care
Having the Cloud Conversation: Why the Business Architect Should CareHaving the Cloud Conversation: Why the Business Architect Should Care
Having the Cloud Conversation: Why the Business Architect Should Care
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
Data center 2.0: Cloud computing - opportunities or threats to HK IT by Mr. ...
 

Similar to How Cloud Providers' Business Needs Drive Enterprise Identity & Security

Cloud Computing For Enterprises
Cloud Computing For EnterprisesCloud Computing For Enterprises
Cloud Computing For Enterprises
One App Cloud
 
Presentation on cloud computing
Presentation on cloud computingPresentation on cloud computing
Presentation on cloud computing
BIJIT GHOSH
 
Radu crahmaliuc 23feb2012
Radu crahmaliuc 23feb2012Radu crahmaliuc 23feb2012
Radu crahmaliuc 23feb2012
Agora Group
 
Lets Do the Cloud-CFO Summit 2013
Lets Do the Cloud-CFO Summit 2013Lets Do the Cloud-CFO Summit 2013
Lets Do the Cloud-CFO Summit 2013
Aimi Aizal Nasharuddin
 
Cloud computing in south africa reality or fantasy
Cloud computing in south africa reality or fantasyCloud computing in south africa reality or fantasy
Cloud computing in south africa reality or fantasy
Samantha James
 
Brave new world of encryption v1
Brave new world of encryption v1Brave new world of encryption v1
Brave new world of encryption v1
Khazret Sapenov
 
VMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell GroupwiseVMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell Groupwise
Mike K
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
Al Afflitto
 

Similar to How Cloud Providers' Business Needs Drive Enterprise Identity & Security (20)

Securing Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceSecuring Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security Service
 
Cloud Computing For Enterprises
Cloud Computing For EnterprisesCloud Computing For Enterprises
Cloud Computing For Enterprises
 
LotusLive
LotusLiveLotusLive
LotusLive
 
Presentation on cloud computing
Presentation on cloud computingPresentation on cloud computing
Presentation on cloud computing
 
ON event - May 2010
ON event - May 2010ON event - May 2010
ON event - May 2010
 
Radu crahmaliuc 23feb2012
Radu crahmaliuc 23feb2012Radu crahmaliuc 23feb2012
Radu crahmaliuc 23feb2012
 
Cloud Security Alliance - Guidance
Cloud Security Alliance - GuidanceCloud Security Alliance - Guidance
Cloud Security Alliance - Guidance
 
Lets Do the Cloud-CFO Summit 2013
Lets Do the Cloud-CFO Summit 2013Lets Do the Cloud-CFO Summit 2013
Lets Do the Cloud-CFO Summit 2013
 
Cloud computing in south africa reality or fantasy
Cloud computing in south africa reality or fantasyCloud computing in south africa reality or fantasy
Cloud computing in south africa reality or fantasy
 
Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1Telecoms in the Clouds Issue 1
Telecoms in the Clouds Issue 1
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
 
Brave new world of encryption v1
Brave new world of encryption v1Brave new world of encryption v1
Brave new world of encryption v1
 
Midlands Data Center | Saas Whitepaper
Midlands Data Center | Saas WhitepaperMidlands Data Center | Saas Whitepaper
Midlands Data Center | Saas Whitepaper
 
Cloud computing identity management summary
Cloud computing identity management summaryCloud computing identity management summary
Cloud computing identity management summary
 
Making Sense Of Cloud Computing - by Mark Rivington
Making Sense Of Cloud Computing - by Mark RivingtonMaking Sense Of Cloud Computing - by Mark Rivington
Making Sense Of Cloud Computing - by Mark Rivington
 
Unit 3 Cloud Computing.pdf
Unit 3 Cloud Computing.pdfUnit 3 Cloud Computing.pdf
Unit 3 Cloud Computing.pdf
 
VMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell GroupwiseVMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell Groupwise
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 

More from Novell

Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2
Novell
 
Social media class 3
Social media class 3Social media class 3
Social media class 3
Novell
 
Social media class 2
Social media class 2Social media class 2
Social media class 2
Novell
 
Social media class 1
Social media class 1Social media class 1
Social media class 1
Novell
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2
Novell
 
Workload iq final
Workload iq finalWorkload iq final
Workload iq final
Novell
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
Novell
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding business
Novell
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
Novell
 

More from Novell (20)

Filr white paper
Filr white paperFilr white paper
Filr white paper
 
Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2
 
Social media class 3
Social media class 3Social media class 3
Social media class 3
 
Social media class 2
Social media class 2Social media class 2
Social media class 2
 
Social media class 1
Social media class 1Social media class 1
Social media class 1
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2
 
LinkedIn training presentation
LinkedIn training presentationLinkedIn training presentation
LinkedIn training presentation
 
Twitter training presentation
Twitter training presentationTwitter training presentation
Twitter training presentation
 
Getting started with social media
Getting started with social mediaGetting started with social media
Getting started with social media
 
Strategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaStrategies for sharing and commenting in social media
Strategies for sharing and commenting in social media
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
 
Workload iq final
Workload iq finalWorkload iq final
Workload iq final
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
 
Accelerate to the Cloud
Accelerate to the CloudAccelerate to the Cloud
Accelerate to the Cloud
 
The New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsThe New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration Trends
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding business
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated Approach
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
 

Recently uploaded

Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Anamikakaur10
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
dlhescort
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Dipal Arora
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
rajveerescorts2022
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
kapoorjyoti4444
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
ritikaroy0888
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
amitlee9823
 

Recently uploaded (20)

Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 

How Cloud Providers' Business Needs Drive Enterprise Identity & Security

  • 1. Follow the Money How Cloud Providers' Business Needs Drive Enterprise Identity & Security Kuppinger Cole + Partner European Identity Conference 2010 Dale Olds, Distinguished Engineer, Cloud Security Services dolds@novell.com https://virtualsoul.org
  • 2. Agenda • Identify business drivers behind the shifting landscape of enterprise IT, SaaS vendors, and cloud providers • Anticipate resulting trends and their implications for security and identity systems • Put it all together with some recommendations 2 © Novell, Inc. All rights reserved.
  • 3. The Shifting Landscape of Enterprise IT, SaaS Vendors, and Cloud Providers
  • 4. A Series of Shifts in the IT Landscape • Mainframe to mini computing – For example, the Digital Equipment Corporation Programmed Data Processors such as the PDP-11 • Mini and mainframes to PCs and Macs • Workgroup networks and NetWare • Open Source: Linux, Apache, etc. • Cloud computing and SaaS • In all of these cases, the driving force was departmental autonomy pulling in products and services under the enterprise IT radar 4 © Novell, Inc. All rights reserved.
  • 5. The Players: Enterprises, SaaS Vendors, Hosters/Cloud Providers SaaS Enterprise Vendors Host enterprise applications, Pre-Cloud Reduce IT costs, Increase reliability ISPs IaaS PaaS Hosters Cloud Providers 5 © Novell, Inc. All rights reserved.
  • 6. Motivations for the Shift to the Cloud •Easy to try, and use deep domain expertise •Low commitment, no cap-ex, departments need no IT approval SaaS Enterprise Vendors •Outsource compute/storage/net to focus on domain expertise •Elasticity and the rest of Cloud Goodness ISPs Hosters IaaS PaaS •Value added services, incremental revenue gains 6 © Novell, Inc. All rights reserved. •More automation, virtualization, lower costs
  • 7. What Enterprises, SaaS vendors, and Cloud Providers Want Now • Enterprises want: – Easy and simple to try, use, and discard – Deep domain expertise, more easily accessed expertise – No commitments, no cap-ex, no IT dept approval, etc. • SaaS Vendors want: – Security and reduced risks for their customers – reduced liability – Focus on core competencies and domain expertise – Increase and retain customers by building community around their application • Cloud Providers want: – Customer retention – stickiness – Value added services up the stack – incremental revenue – Lower administration and management costs – automation 7 © Novell, Inc. All rights reserved.
  • 9. Three Trends Affecting Cloud Evolution & Enterprise Security 1.Identity-based security is increasing in importance ● Cloud services are pushing enterprises to emphasize identity- based security rather than network security 2.SaaS and IaaS are converging on PaaS ● Infrastructure providers are moving up stack and applications need to be extensible... converging on platform services, including identity services. 3.Cloud providers are increasingly offering identity services – and becoming identity providers ● Identity services provide much needed security, and stickiness. ● Application marketplaces are growing around identity hubs 9 © Novell, Inc. All rights reserved.
  • 10. Trend 1: Identity-based Security is Increasingly Required
  • 11. Identity-based Security Cloud services are pushing enterprises to emphasize identity-based security rather than network security – information security rather than network security. Network security services like SSL connections, firewalls, edge security devices are insufficient when accessing Cloud services. “It could be that moving even more stuff to the cloud is what will cause the debates, design and actions to build in identity, claim, tokens, policies and related security services. You can't hide behind a facade of 'network security' when there is no network.” From Gunnar Peterson, 1raindrop.typepad.com Separating identity sources from applications that securely use identity information is essential – the identity provider model 11 © Novell, Inc. All rights reserved.
  • 12. Authentication Methods Supported by SaaS Applications •SAML2 was the most common authentication method supported of the methods tested with ¼ of SaaS Providers supporting, but another ¼ indicated supporting other authentication methods not listed. •1/3 of respondents were not aware of the specific authentication methods supported by their SaaS application. 12 © Novell, Inc. All rights reserved.
  • 13. Security Capabilities Customers Are Asking SaaS Providers About • Audit tracking, Single sign-on and Provisioning of users were the three main security capabilities customers are asking SaaS providers about; about ½ of SaaS providers indicated customers asked them about these capabilities. 13 © Novell, Inc. All rights reserved.
  • 14. Trap: Don't Be Lulled by Exclusive Focus on Authentication and SSO • Externalized authentication and the identity provider model is essential, urgent, and solvable now – it's the lowest hanging fruit • BUT externalized authentication is just the first step and is not sufficient for security in the cloud – There are huge benefits of less identification – more externalized authorization. > See “Identity Crisis” by Jim Harper – Claims, policies – Transparency, audit, compliance • Externalized authentication is the means to an end 14 © Novell, Inc. All rights reserved.
  • 15. Trend 2: SaaS and IaaS are Converging on PaaS
  • 16. SaaS and IaaS => PaaS Extensibility, Pivotlink, Salesforce, Netsuite, Taleo, Customizability, Software as a Service SuccessFactors. etc. Community Apps are secured by vendors Common services e.g. Google App Engine, force.com, Azure. billing, identity, load balancing, elasticity of Platform as a Service storage and compute, etc. GoGrid, Amazon EC2, Value added Opsource, etc. services, billing, Infrastructure as a Service Machine images are SLAs secured by vendors 16 © Novell, Inc. All rights reserved.
  • 17. Security Responsibilities Full application stack and infrastructure is secured Software as a Service by vendors – customer handles data in and out ? Platform as a Service Who is responsible for securing the application here? Machine images are Infrastructure as a Service secured by vendors, everything else is up to customer – no guarantees about running code, etc. 17 © Novell, Inc. All rights reserved.
  • 18. Trap: Don't Assume PaaS Security is like SaaS or IaaS • Security responsibilities on PaaS applications are not so clearly delineated • IaaS security responsibilities end at the virtual machine boundary – customer is responsible for security of all code above the hypervisor – http://www.voiptechchat.com/voip/457/amazon-ec2-sip-brute-force-attacks-on-rise/ • SaaS security responsibility is entire application code stack • PaaS contains some customer code and some cloud provider code • Know your security responsibilities 18 © Novell, Inc. All rights reserved.
  • 19. Trend 3: Cloud Providers Are Adding Identity Services
  • 20. Cloud Providers as Identity Providers • Cloud providers are increasingly offering federated identity services – and becoming identity providers • Identity providers in the sense of a federation hub and optionally user accounts • Identity services provide much needed security, and stickiness. If ... Cloud operators want to woo mature enterprise customers to use their services, they are leaving money on the table and not fulfilling customer needs by failing to roll out complimentary security capabilities which lessen the compliance and security burdens of their prospective customers. From Chris Hoff, www.rationalsurvivability.com/blog 20 © Novell, Inc. All rights reserved.
  • 21. Primary Type of Hosting Environment SaaS Applications Use •Third Party dedicated hosting was the most common hosting environment used by 38%, but followed closely by the use of own internal servers by 35%. 28% indicated using Cloud hosting through an IaaS provider. •All three show significant levels of usage by SaaS Providers. 21 © Novell, Inc. All rights reserved.
  • 22. SaaS Provider Preferred Method to Offer Security Capabilities to Customers •1/3 of SaaS Providers prefer to build the requested security capabilities in- house … but 1/3 above were also unaware of their authentication methods. •¼ indicated they would prefer to OEM from a third party vendor and another ¼ indicated they would prefer to source as part of their hosting environment. 22 © Novell, Inc. All rights reserved.
  • 23. Cloud Providers and the Opportunity of a SaaS Marketplace • Beyond providing common identity services to their SaaS customers, Cloud Providers benefit directly – Needed stickiness – Incremental revenue • Explosive growth is possible with network effects of multiple SaaS vendors – User account (or federation broker) is the hub – Possible integration of other services • Ultimately SLAs come from the cloud provider – Including identity as an integration service on that foundation is key to producing a platform 23 © Novell, Inc. All rights reserved.
  • 24. Examples • Google Apps Marketplace – Common accounts via Google Apps – Federated to applications with OpenID • Force.com – Common accounts via Salesforce.com – Federated with SAML • Opsource – Billing for SaaS vendors – And as of last week, stronger SLAs > http://www.opsource.net/press/opsource-sets-new-sla-standard-cloud-computing-guarantees-cloud-reliability-perfo • Possible marketplace providers: Telcos, hosters 24 © Novell, Inc. All rights reserved.
  • 25. Traps: Cloud Provider Services vs SaaS & IDaaS Point Solutions • Identity as a Service vendors – Exist between the enterprise and the SaaS vendor > Passport model – see Kim's Law of Justifiable Parties – Here now and not going away but may conflict with cloud providers growing tendency to be the identity provider • Departmental adoption vs. identity provider operating on behalf of the enterprise – Market forces lead to cloud providers with common identity services hubs – But there are disjoint management boundaries between departmental adoption of SaaS and enterprise identity providers 25 © Novell, Inc. All rights reserved.
  • 26. Putting it all Together with Recommendations
  • 27. Summary • Identity provider model is essential for cloud computing • Increasing need for identity-based security in addition to network security • SaaS and IaaS are moving toward PaaS, with undefined security responsibilities • Identity services offered by cloud providers make sense • SaaS marketplaces provide advantages to SaaS vendors, cloud providers – and enterprises 27 © Novell, Inc. All rights reserved.
  • 28. Recommendations • There are many excellent standards that support the identity provider model – SAML, WS-Fed, OpenID, information cards – and shipping products that implement them. Use them. them • Make your security needs known to your SaaS vendors, hosters, cloud providers • Look for the rise of SaaS application stores built around a cloud provider hub with common identity and security infrastructure. They are a good idea. • Beware of the interplay between departmental use of Cloud services and IT control of the Identity Provider. – If you're an enterprise, it's politics. – If you're a cloud provider or identity services vendor, we still have technology design and standards work to do. 28 © Novell, Inc. All rights reserved.