Cloud Security Service is a multitenant, Web-based identity and access management solution that allows cloud providers to offer assurance and transparency to the enterprise. Our solution provides security capabilities like single sign-on, roles management and audit logs from multiple SaaS applications via a scalable, cloud-ready management platform.
Cloud Security Service is hosted in the cloud, either where the provider hosts its application or via a hosting partner. A user can log on directly or via the enterprise identity system. The service first verifies the identity and, if successful, will generate an identity token in the format needed by the SaaS provider. The user is now authenticated to the SaaS service. Once inside the application, the application connectors that are provided with the service capture deep page-level user activity and provide the audit stream for compliance purposes.
While the model and infrastructure for how IT services are delivered and consumed may have changed with cloud computing, it is still critical that these new solutions support the same characteristics that have always been important. Whether the cloud serves as a test bed for developers prototyping new services and applications or it is running the latest version of a hot social gaming application, users expect it to be up and running every minute of every day. Thinking about both availability and reliability, the cloud needs to be able to continue to operate while data remains intact in the virtual datacenter regardless of a failure in one or more components. Additionally, since most cloud architectures deal with shared resource pools across multiple groups both internal and external, security and multitennancy must be integrated into every aspect of an operational architecture and process. Services need to be able to provide access to only authorized users and in this shared resource pool model the users need to be able to trust that their data and applications are secure.
