Architecting a cloud scale identity fabric
1. Architecting a Cloud-Scale Identity Fabric by Eric Olden
Execution Environments for Distributed Computing
By João Rosa, Mário Almeida and Alex 'El Baron'
Barcelona 23 April 2012
10. Authorization
The problem: Authorization must evolve to a
distributed model to support users outside the
network firewall
The solution: Authorization in Depth, Grouping
Access, Distributed Federated Model
11. Authentication
The problem: SAML adoption is not widespread in
the enterprise apps world
The solution: HTTP authentication standard
12. User Account Management
The problem: every app performs user
management differently
The solution: standardization of user
management APIs
13. Auditing
The problem: overcome the lack of visibility in
user access
The solution: framework to understand the
global jurisdictional rules
17. Integration (2/2)
Example:
● 10,000 users that access 15 apps.
● In a one-to-one model, this requires 150,000
credentials (passwords).
● Resetting a credential once a year via a $30
help desk call results in a $4.5 million expense.
If licensing, deployment, integration, and
maintenance costs are $50,000 per connection
(15 apps), the total expense would be
$750,000.
18. Network effect
As more users and apps are integrated in the
identity network, these benefits extend to other
network members simply by virtue of their
being connected.
19. Abstraction
Enterprises must be able to use more than one
type of authentication depending on the level of
risk associated with an app.
20. Abstraction
Externalize identity functions for Web apps in
public or private clouds.
Focus on improving apps.
Enterprises can manage identity across
multiple apps more efficiently.
22. Identity as a service
Think less about identity technology and focus
on service-level agreements and service
management.
Move from a company-owned to a service-
provider-owned and operated identity
management approach.
24. Consumerization
Unexpected viral adoption or porting an app
server to the cloud.
Each identity integration point becomes a
stress point, and each credential creates a
broader attack surface and potential help desk
expense.
26. Conclusions
Facebook has exploded in popularity, with
more than 550 million users.
The support for identity sharing via OpenID
made hundreds of millions of people suddenly
have OpenID credentials.
28. Conclusions
An identity fabric:
● provides secure linkage between the
enterprise and the cloud.
● reduces the number of identities and scales
better.
● enables full-scale cloud adoption.
● provides an infrastructure service with on-
demand dial-tone quality.
● benefits users, administrators, vendors, and
service providers in dramatic ways.