Monday, March 12, 2012

Simple Cloud Identity Management - Getting Started

Good news! The folks behind SCIM have decided to begin the process to formalize SCIM at the IETF. To kick things off, there will be a birds-of-a-feather session planned for the upcoming IETF meeting in Paris at the end of the month.
The above diagram shows the typical scenario that SCIM attempts to solve. The perspective of SCIM is to provide a common RESTful API for cloud SaaS providers that enterprises could use to provision accounts. Instead of an enterprise having to provision users to many cloud providers using many different APIs, SCIM proposes a simple provisioning API that all application service providers could support.

SCIM's deployment architecture model is a simple hub-and-spoke model where the enterprise IDM system is at the "hub" and each cloud service provider is a spoke. The idea behind SCIM is that each spoke is enabled by a standardized 'connector' using a standardized SCIM RESTful API.  Without SCIM, the alternative is that enterprise provisioning systems have to support many different proprietary service APIs.

So far, I'm impressed with SCIM. It does the job it was designed for. But it does it solve all the requirements for cloud provisioning? I'll get into that in my next blog post.

For more information, check out the SCIM mailing list at IETF.

1 comment:

vance wilders said...

strategic planning is the key for successful cloud implementation. That encompasses security and the set-up protocols for it to be optimized for you enterprise.

Post a Comment