Building a Strong Foundation for Your Cloud with Identity Management

Posted on:September 26, 2010
Posted in:Identity Services, Oracle Identity Management, The Cloud Identity Series
Posted by:Nishant Kaushik

That was the topic of my talk at OpenWorld this year. Fitting, I think, considering the emphasis that was put on Cloud Computing at OOW this year, starting with Larry’s opening keynote on Sunday.

In my session, I talked about how, thanks in large part to the emergence of cloud computing, enterprises are moving towards a borderless IT infrastructure that is going to change how security is done. The traditional mechanisms of security that are built on topology are going to have to be replaced by a security architecture built on the constant that can actually flow across domain boundaries – identity.

Yoda himself made an appearance to make the point.

My presentation was divided into a few parts:

I revisited the issue of security in cloud computing, in particular highlighting specific areas that need to be addressed.
I talked about the foundational elements to building an identity-based security model for your cloud environment, and how to evolve that into a full-fledged platform for your cloud applications.
I also talked about the products and capabilities available in the Oracle Identity Management 11g suite, and some of our future plans aimed at specifically addressing the cloud.

You can check out the presentation below (I hope to add the session audio to it at some point).

Be Sociable, Share!

Tags: Cloud Computing Cloud Identity Model Cloud Security OOW10 OpenWorld Oracle Identity Management Oracle OpenWorld

Lance

I enjoyed your presentation at OOW, Nishant. I was surprised there weren't more questions at the end.

I'm a big fan of this type of vision for cloud security but I find myself stuck on the same issue that we have with SPML adoption at the application level. Doesn't this approach suffer from the same type of cooperation apathy?

Thanks,

Lance
NishantKaushik

Thanks Lance, I appreciate that. I was surprised by the lack of questions too, though the folks that came up to the stage had some pretty insightful comments and questions.

You are right in that this approach requires a explicit buy-in from developers and the business. But I am more hopeful for success in this regard than the SPML experience would indicate. Partly because application frameworks are getting more mature and more in-depth with these kind of security features, and partly because more ISVs and in-house application development teams are learning the value of not building everything themselves.

Time will tell, but initial feedback has been very positive that if you bake this into the SDLC from the beginning (as we are trying to do through our promotion of OPSS and its integration into IDEs), you will be much more successful.
NishantKaushik

Thanks Lance, I appreciate that. I was surprised by the lack of questions too, though the folks that came up to the stage had some pretty insightful comments and questions.

You are right in that this approach requires a explicit buy-in from developers and the business. But I am more hopeful for success in this regard than the SPML experience would indicate. Partly because application frameworks are getting more mature and more in-depth with these kind of security features, and partly because more ISVs and in-house application development teams are learning the value of not building everything themselves.

Time will tell, but initial feedback has been very positive that if you bake this into the SDLC from the beginning (as we are trying to do through our promotion of OPSS and its integration into IDEs), you will be much more successful.

Recent Posts

Recent Comments

Tags

Connect

Categories

Archives

Disclaimer