Functions of Identity and Access Management in Federated Cloud - Edited


IAM IN FEDERATED CLOUD 1

Functions of IAM in federated cloud

Name

Institution affiliated

Course

Functions of IAM in federated cloud

Each entity in a cloud environment, including administrators and users, needs an identity to use the service. The cloud service provider must first verify entity accounts before allowing them to use cloud resources (authentication). Once users are on the server, the provider must also decide what they can do (user rights), hence access management. IAM is, therefore, vital in any cloud computing setting. While “the cloud presents organizations and service providers alike with tremendous value and opportunity” (Goulding, 2010, p. 15), managing identities remains a considerable challenge for many organizations. The discussion focuses on the functions of IAM, clearly demonstrating its role in federated environments.

"Federated identity is a concept, not a specific technology" (Dotson, n.d.). In simple terms, it refers to the practice of allowing users to use one user account for multiple systems, where the system admins agree to engage a central identity provider for the process of verifying users. It means that users do not have to create different identities for each system. Instead, users create one account with the identity provider and use it across multiple systems. Google is one of the most common identity providers. Federated identity management has many challenges, mainly because the cloud system has to be in constant communication with the identity provider. However, it makes things easy for users, as they do not have to memorize different credentials for every platform they use.

IAM plays a vital role in identity provisioning in a federated cloud environment. As Indu, Anand and Bhaskar note, “IAM in the cloud environment is a crucial concern for the acceptance of cloud-based services” (p. 2). Identity provisioning is at the heart of federated cloud services, as it involves creating the user accounts clients use on the system. The secure and timely management of onboarding and offboarding users in a cloud is often a complicated and challenging task. As such, enterprises invest in user management systems that simplify the process.

Another vital function of IAM is the authentication of user accounts. In other words, IAM verifies that a user is who they claim to be. Users can authenticate themselves using different means, but the common method is the use of a username and matching password. In some cases, users may also verify their identities using biometrics. In a federated cloud environment, users can maintain a single account for more than one system. When a user tries to log onto one of these systems, it redirects them to a central identity provider that it trusts for authentication. The identity provider verifies the user and “sends them back to the original website with proof that it has verified the user” (Dotson, n.d.).
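The "proof" in the flow above is only useful if the receiving system checks it. The following is an added example, not part of the original essay: a minimal sketch of an identity provider signing a short-lived assertion and a service verifying its signature, issuer, audience and expiry. It uses an HMAC with a shared key as a stand-in for the asymmetric signatures that real federation protocols such as SAML and OpenID Connect use; all names, URLs and the key are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

# Constructed values for this example; none of them come from the essay.
IDP_ISSUER = "https://idp.example"
SP_AUDIENCE = "https://app.example"
SHARED_KEY = b"demo-key-agreed-when-trust-was-set-up"

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def sign(body: str, key: bytes) -> str:
    return b64(hmac.new(key, body.encode(), hashlib.sha256).digest())

def idp_issue_assertion(user, audience, now, ttl=300, key=SHARED_KEY):
    """Identity provider: after verifying the user, sign a short-lived proof."""
    claims = {"iss": IDP_ISSUER, "sub": user, "aud": audience, "exp": now + ttl}
    body = b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{sign(body, key)}"

def sp_verify_assertion(token, now, key=SHARED_KEY):
    """Service: return (user, "ok") only if every check on the proof passes."""
    try:
        body, sig = token.split(".")
        # Check the signature before trusting anything inside the body.
        if not hmac.compare_digest(sig.encode(), sign(body, key).encode()):
            return None, "bad signature"
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return None, "malformed"
    if claims.get("iss") != IDP_ISSUER:
        return None, "untrusted issuer"
    if claims.get("aud") != SP_AUDIENCE:   # proof minted for another service
        return None, "wrong audience"
    if now >= claims.get("exp", 0):        # stale proof, possible replay
        return None, "expired"
    return claims["sub"], "ok"

if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed timestamp
    token = idp_issue_assertion("alice", SP_AUDIENCE, t0)
    print(sp_verify_assertion(token, t0 + 10))
    print(sp_verify_assertion(token, t0 + 600))
```

The audience check is what stops a proof issued for one federated system from being accepted by another that trusts the same identity provider.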

IAM in cloud services and on-premise services are quite similar, and they use almost the same techniques in access and identity management. The new technologies make security easier and much more effective. Authentication and authorization are vital in access and identity management. IAM also plays an essential role in ensuring proper and safe storage of user credentials. Examples of cloud infrastructure providers include Microsoft Azure, Amazon Web Services, and IBM.



References

Dotson, C. (n.d.). Practical Cloud Security. Retrieved February 10, 2020, from https://www.oreilly.com/library/view/practical-cloud-security/9781492037507/ch04.html

Goulding, J. T. (2010). Identity and access management for the cloud: CA Technologies strategy and vision. Tech. Rep. May, CA Technologies.

Indu, I., Anand, P. R., & Bhaskar, V. (2018). Identity and access management in cloud environment: Mechanisms and challenges. Engineering Science and Technology, an International Journal, 21(4), 574-588.
