Assessing the risks and opportunities of Cloud Computing — Defining identity management systems and maturity models

Despite the potential that Cloud Computing has for revolutionizing every aspect of the software industry, there are significant shortcomings in the area of security and risk assessment and mitigation. The basic value proposition of Cloud Computing is that by leasing applications online, companies have the potential to significantly reduce their operating costs. What is not often pointed out however is the fact that identity management on Cloud Computing platforms is still in its nascent or very embryonic stages. Often identity management systems fail to fully protect all assets of a given Cloud Computing platform as role-based access has yet to be defined and implemented. Lacking is a protocol stack of Cloud Computing Identity Management and a maturity model to assist organizations in assessing their relative levels of risk. The intent of this analysis is to provide the frameworks for both the protocol stack and maturity model for Cloud Computing platforms.

[1]  Harry Katzan,et al.  Software-As-A-Service Economics , 2010, BIS 2010.

[2]  Brian Hayes,et al.  What Is Cloud Computing? , 2019, Cloud Technologies.

[3]  Michael Luckett,et al.  The Effect of Interpersonal Trust, Need for Cognition, and Social Loneliness on Shopping, Information Seeking and Surfing on the Web , 2003 .

[4]  J. Brown,et al.  Moving Information Technology Platforms To The Clouds: Insights Into IT Platform Architecture Transformation , 2009 .

[5]  Csilla Farkas,et al.  Ontology Guided XML Security Engine , 2004, Journal of Intelligent Information Systems.

[6]  Aleda V. Roth,et al.  Martin K. Starr: A Visionary Proponent for System Integration, Modular Production, and Catastrophe Avoidance , 2007 .

[7]  Stefan Osterburg,et al.  A Capacity Supply Model for Virtualized Servers , 2009 .

[8]  Kirk L. Kroeker,et al.  The evolution of virtualization , 2009, CACM.

[9]  Patrick J. Walsh Cloud Security: The brightening future of cloud security , 2009 .

[10]  Anna Formica,et al.  Similarity of XML-Schema Elements: A Structural and Information Content Approach , 2008, Comput. J..

[11]  Nora Cuppens-Boulahia,et al.  Modeling contextual security policies , 2008, International Journal of Information Security.

[12]  Mache Creeger,et al.  CTO Roundtable , 2009, Commun. ACM.

[13]  David Young,et al.  XML: Why Bother? , 2009 .

[14]  Christopher Soghoian,et al.  Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era , 2009, J. Telecommun. High Technol. Law.

[15]  Raouf Boutaba,et al.  A survey of network virtualization , 2010, Comput. Networks.

[16]  Bryan Marshall,et al.  Dimensions of Network Security Planning For Web Services , 2005 .

[17]  Dario Forte Application Delivery: Application delivery: pros and cons both virtual and real , 2009 .

[18]  Gary Anthes,et al.  Security in the cloud , 2010, Commun. ACM.