Explain Identity Access management.

2 years ago
Cloud Computing

Security in any system involves primarily ensuring that the right entity gets access to only the authorized data in the authorized format at an authorized time and from an authorized location. Identity and access management (IAM) is of prime importance in this regard as far as Indian businesses are concerned. This effort should be complemented by the maintenance of audit trails for the entire chain of events from users logging in to the system, getting authenticated, and accessing files or running applications as authorized.

Even in a closed, internal environment with a well-established “trust boundary”, managing an Active Directory server, an LDAP server or other alternatives is no easy task. And for IAM in the cloud, the challenges and problems are magnified many times over. An Indian organization moving to the cloud could typically have applications hosted on the cloud and a database maintained internally, with users logging on and getting authenticated internally on a local Active Directory server. Just imagine attempting single sign-on (SSO) functionality in such a scenario! Cloud delivery models comprising mainly SaaS, PaaS and IaaS require seamless integration between cloud services and the organization’s IAM practices, processes, and procedures, in a scalable, effective and efficient manner.

Identity provisioning challenges

The biggest challenge for cloud services is identity provisioning. This involves secure and timely management of onboarding (provisioning) and off-boarding (de-provisioning) of users in the cloud.

When a user has successfully authenticated to the cloud, a portion of the system resources in terms of CPU cycles, memory, storage, and network bandwidth is allocated. Depending on the capacity identified for the system, these resources are made available on the system even if no users are logged on. Based on projected capacity requirements, cloud architects may decide on a 1:4 scale or even 1:2 or lower ratios. If projections are exceeded and more users log on, system performance may be affected drastically. At the same time, adequate measures need to be in place to ensure that as usage of the cloud drops, system resources are made available for other objectives; otherwise they will remain unused and constitute a dead investment.

Dipti KC
Dec 19, 2022
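The provisioning and de-provisioning problem described in the answer above can be checked by reconciling the internal directory against the accounts that exist in the cloud service. The following is an added example, not part of the original answer; the user names, the one-day off-boarding limit and the function names are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data: the internal directory (for example an AD/LDAP
# export) is treated as the source of truth; CLOUD_ACCOUNTS is what the
# cloud service reports as existing accounts.
DIRECTORY = {
    "asha":  {"active": True,  "left_on": None},
    "ravi":  {"active": False, "left_on": datetime(2022, 12, 1)},
    "meena": {"active": True,  "left_on": None},
    "john":  {"active": False, "left_on": datetime(2022, 12, 18, 17, 0)},
}
CLOUD_ACCOUNTS = {"asha", "ravi", "john", "svc-legacy"}

def reconcile(directory, cloud_accounts, now, max_lag=timedelta(days=1)):
    """Compare directory and cloud accounts; return the actions still owed."""
    actions = []
    for user, rec in sorted(directory.items()):
        if rec["active"] and user not in cloud_accounts:
            # Onboarding gap: an authorized user cannot reach the service yet.
            actions.append({"user": user, "action": "provision", "overdue": False})
        elif not rec["active"] and user in cloud_accounts:
            # Off-boarding gap: a departed user still holds cloud access.
            lag = now - rec["left_on"]
            actions.append({"user": user, "action": "deprovision",
                            "overdue": lag > max_lag})
    # Cloud accounts with no directory record have no known owner.
    for user in sorted(cloud_accounts - set(directory)):
        actions.append({"user": user, "action": "review_orphan", "overdue": True})
    return actions

def audit_lines(actions, now):
    """Render one audit-trail line per decision taken by the reconciliation."""
    return [f"{now.isoformat()} user={a['user']} action={a['action']} "
            f"overdue={a['overdue']}" for a in actions]

if __name__ == "__main__":
    now = datetime(2022, 12, 19, 9, 0)
    for line in audit_lines(reconcile(DIRECTORY, CLOUD_ACCOUNTS, now), now):
        print(line)
```

Accounts flagged `overdue=True` are the ones where de-provisioning was not timely or where no owner exists, and the audit lines give the trail of each decision.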