Identity Services for Cloud Computing
To support recent discussions about Identity Management and Cloud Computing, I divided the types of Identity Services that might be needed to support Application services into three major categories, as shown in the following diagram and explained in a bit more detail below:
The specific services provided in each category could include:
Identity Administration Services
- Create, update, delete identities
- Password/credential management
- Entitlement definition/management
- Provision/de-provision access privileges
- Role engineering/management
- Policy definition/management
Identity Enforcement Services
- Authentication
- Authorization
- Access control
- Federation
- Web services security
Identity Audit Services
- Reporting
- Evaluation
- Attestation
- Validation
- Remediation
Did I miss any services that you think should be present? Any input on the categories or types of services? Any input or criticism would be most welcome.