Identity Providers-as-a-Service built as Cloud-of-Clouds: challenges and opportunities
Diego Kreutz, Eduardo Feitosa
Citation: Position Papers of the 2014 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 3, pages 101–108 (2014)
Abstract. In our previous work we designed and evaluated the feasibility of highly secure and dependable identity providers (IdPs) for the increasing requirements of future IT infrastructures. In this position paper we extend our previous work by analyzing and discussing the benefits of deploying highly secure and dependable identity providers-as-a-service (IdP-as-a-Service), without compromising the confidentiality of sensitive data and operations. In order to achieve this goal, we discuss some of the forefront challenges of deploying IdP-as-a-Service as a cloud-of-clouds model to ensure important properties such as the resistance against different types of threats and attacks, arbitrary faults, and make it more realistic to improve the system availability up to the three-nines mark. Notwithstanding, the main opportunities towards IdP-as-a-Service are also analyzed. We finish the paper proposing a sustainable business model based on our previous deployments and results, showing that it can be a win-win opportunity, i.e., both IdP-as-a-Service providers and customers can benefit from it.