This presentation by Andy Wood (P11250192) explores the challenges and benefits of Federated ID Management (FIdM) in the realm of Cloud and Grid computing. It delves into the complexities of managing user accounts across diverse systems and the critical need for streamlined user authentication processes. The review examines key resources and criteria for implementing FIdM, highlighting the importance of protocols, scalability, and risk assessment. Findings reveal common technologies and risks associated with FIdM, emphasizing the significance of security, trust, and interoperability. The text concludes by underscoring the evolving nature of FIdM as a business enabler that requires a delicate balance between risk management and operational efficiency.
A Survey of Risk: Federated ID Management in Cloud and Grid Computing
Presentation by Andy Wood (P11250192)

Introduction
• Cloud (and Grid) computing are the new platforms today.
• Working with business partners is more commonplace in today's connected world.
• Managing user accounts across disparate systems is becoming more difficult and costly.

Federated ID Management
• Federated ID Management (FIdM) allows for simplified user management across security domains.
• Based on a user authenticating to own DS and their ID used to authenticate to remote services through trust relationships.
• FIdM is based on not just technology.
• Many ways to implement
  • User centric
  • Business centric

Critical Review - Resources
• Keywords:
  • (FIdM or Federated) and Cloud and Risk.
• Resource Databases:
  • IEEE Xplore; ACM DL; SCOPUS; CiteSeerX and Google Scholar.
• Resources:
  • 673 initial resources.
  • Reduced to final 18.
  • 5 further papers added

Critical Review - Criteria
• Criteria:
  • Primary / Secondary source
  • Difficulty to implement
  • Risk type: Security; Liability; Trust; Assurance or Interoperability
  • Scalability
  • Protocols
  • Citation

Critical Review - Findings
• Most papers describe similar technologies:
  • SAML being key protocol for ID transfer
  • XACML being key protocol for access control
• Key risks:
  • Trust (with 3rd party);
  • Interoperability; and
  • Message security.
• Scalability of solutions was good
• Difficulty varied and subjective
• Olden (2011) describes a typical enterprise benefit with example saving of $4.5m per year.

Critical Review – Risks
• Liability
  • Ensuring lines of responsibility
• Assurance
  • Processes and procedures being followed:
    • staff vetting;
    • joiners/movers/leavers etc.
• Trust
  • Fundamental, but difficult to implement
• Security
  • ID theft
  • Greater exposure than via separate authentication to systems
  • Message security through exchange of ID information
• Interoperability
  • Some standard based mechanisms such as SAML
  • Others describe extended or bespoke mechanisms
  • Potential for large federations to include multiple mechanisms
  • Higher risk profile
  • Higher cost for implementation and support

Conclusion
• Resources were harmonious in design and risk
• Immature area of technology
  • Still room for improvement
• FIdM is more than just technology
  • Lack of described foundation prior to tech
• FIdM is a business enabler
  • Balance of risk v business enablement
  • Risk profile has to be aligned to each business