Identity and Access Management in the Cloud Computing Environments

Manoj V. Thomas (National Institute of Technology Karnataka, India) and K. Chandrasekaran (National Institute of Technology Karnataka, India)
Copyright: © 2016 | Pages: 30
DOI: 10.4018/978-1-5225-0153-4.ch003

Abstract

Identity and access management (IAM) has become an important research topic in cloud computing. In distributed computing environments such as cloud computing, effective authentication and authorization are essential to make sure that unauthorized users do not access the resources, thereby ensuring the confidentiality, integrity, and availability of information hosted in the cloud environment. In this chapter, the authors discuss the issue of identity and access management in cloud computing, analyzing the work carried out by others in the area. Various issues in the current IAM scenario in cloud computing are also discussed, such as authentication, authorization, access control models, identity life cycle management, cloud identity-as-a-service, federated identity management, and identity and access management in the inter-cloud environment. The authors conclude this chapter by discussing a few research issues in the area of identity and access management in the cloud and inter-cloud environments.
Chapter Preview

Background

In the cloud computing domain, efficient IAM is essential for maintaining the confidentiality, integrity and availability of the data stored in the cloud. Generally, in the cloud environment, an access control mechanism is required at each of the following layers (Alliance, 2011):

  1. Network Layer: An access control mechanism at the network layer should not allow a user to see any system or a specified portion of a network (Ping, Route commands) in the cloud unless the access policies allow him to do so.

  2. System Layer: A user should not be allowed to access any particular host or system in the cloud unless the access policies allow him to do so.

  3. Application Layer: Access to the cloud applications, or to any functionality of the applications, should be governed by the access control rules, and access should be permitted only after verifying the identities and attributes of a cloud user.

  4. Process Layer: Access control policies and rules should be effectively used to define the processes or functions that a user is allowed to run within an application.

  5. Data Layer: In the cloud domain, access policies or rules could be used to control the user’s access to the data area and file system. Also, the individual files and the various fields (as in a database system) should be protected against illegal access.
