A Survey of Risk: Federated ID Management in Cloud and Grid Computing
Presentation by Andy Wood (P11250192)


Introduction
Cloud (and Grid) computing are the new platforms today.
Working with business partners is more commonplace in today's connected world.
Managing user accounts across disparate systems is becoming more difficult and costly.

Federated ID Management
Federated ID Management (FIdM) allows for simplified user management across security domains.
It is based on a user authenticating to their own DS, with their ID then used to authenticate to remote services through trust relationships.
FIdM is not based on technology alone.
Many ways to implement:
  – User centric
  – Business centric

Federated ID Management

Critical Review - Resources
Keywords:
  – (FIdM or Federated) and Cloud and Risk.
Resource Databases:
  – IEEE Xplore; ACM DL; SCOPUS; CiteSeerX and Google Scholar.
Resources:
  – 673 initial resources.
  – Reduced to final 18.
  – 5 further papers added.

Critical Review - Criteria
Criteria:
  – Primary / Secondary source
  – Difficulty to implement
  – Risk type: Security; Liability; Trust; Assurance or Interoperability
  – Scalability
  – Protocols
  – Citation

Critical Review - Findings
Most papers describe similar technologies:
  – SAML being key protocol for ID transfer
  – XACML being key protocol for access control
Key risks:
  – Trust (with 3rd party);
  – Interoperability; and
  – Message security.
Scalability of solutions was good.
Difficulty varied and was subjective.
Olden (2011) describes a typical enterprise benefit with example saving of $4.5m per year.

Critical Review – Risks
Liability
  – Ensuring lines of responsibility
Assurance
  – Processes and procedures being followed: staff vetting; joiners/movers/leavers etc.
Trust
  – Fundamental, but difficult to implement
Security
  – ID theft
  – Greater exposure than via separate authentication to systems
  – Message security through exchange of ID information
Interoperability
  – Some standard based mechanisms such as SAML
  – Others describe extended or bespoke mechanisms
  – Potential for large federations to include multiple mechanisms
      Higher risk profile
      Higher cost for implementation and support
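
Added example (not part of the presentation): a sketch of the federated flow described earlier, in which a home domain vouches for a user and a remote service accepts that identity only through a trust relationship, with one check per risk named above (trust, message security). The issuer URL, audience, keys and claim names are constructed, and an HMAC over JSON stands in for SAML's XML signatures.

```python
import hashlib
import hmac
import json

# Constructed trust list: home-domain issuer -> shared key (assumption).
TRUSTED_ISSUERS = {"https://idp.partner-a.example": b"constructed-key-a"}
AUDIENCE = "https://service.example"   # this remote service (assumed name)
MAX_SKEW = 60                          # tolerated clock skew in seconds


def _mac(key, body):
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest().encode()


def issue(issuer, key, subject, audience, not_before, not_after):
    """Home domain: sign an identity assertion after local authentication."""
    body = json.dumps({"iss": issuer, "sub": subject, "aud": audience,
                       "nbf": not_before, "exp": not_after}, sort_keys=True)
    return {"body": body, "sig": _mac(key, body).decode()}


def validate(assertion, now):
    """Remote service: return (subject, None) or (None, reason)."""
    try:
        body = assertion["body"]
        claims = json.loads(body)
    except (KeyError, TypeError, ValueError):
        return None, "malformed"
    iss = claims.get("iss") if isinstance(claims, dict) else None
    key = TRUSTED_ISSUERS.get(iss) if isinstance(iss, str) else None
    if key is None:
        return None, "untrusted issuer"         # trust: no relationship exists
    sig = str(assertion.get("sig", "")).encode()
    if not hmac.compare_digest(_mac(key, body), sig):
        return None, "bad signature"            # message security: altered in transit
    if claims.get("aud") != AUDIENCE:
        return None, "wrong audience"           # issued for a different service
    nbf, exp = claims.get("nbf"), claims.get("exp")
    if not all(isinstance(t, (int, float)) for t in (nbf, exp)):
        return None, "malformed"
    if not nbf - MAX_SKEW <= now <= exp + MAX_SKEW:
        return None, "outside validity window"  # stale or replayed assertion
    return claims.get("sub"), None
```

The order matters: the issuer is looked up and the signature verified before any other claim is trusted, so an unsigned or foreign assertion never reaches the audience and expiry checks.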

Conclusion
Resources were harmonious in design and risk
Immature area of technology
  – Still room for improvement
FIdM is more than just technology
Lack of described foundation prior to tech
FIdM is a business enabler
Balance of risk v business enablement
Risk profile has to be aligned to each business