The identity landscape is changing with the move to cloud. Applications that do not change with it risk becoming unmanageable and creating difficult security holes. Two big disruptions occur when more applications run:
- Outside the firewall as software as a service (SaaS) applications
- On mobile devices, where many of these applications save user names and passwords

Users are adapting to these changes in ways that address the inconveniences, but not necessarily the security concerns. For example, users have no qualms about giving passwords to mobile applications, even though criminals can retrieve passwords when phones are lost. Often, users work around the need for multiple passwords for SaaS applications by reusing the same password on several sites—even though the hacking of one site means that password can be used to gain access to any of the user’s other accounts.
The industry is reacting to these changes with a slew of new authentication and access control standards that are gaining traction. Such standards include Security Assertion Markup Language (SAML), Open Authorization (OAuth) 2.0, OpenID Connect, and Service Capability Interaction Manager (SCIM). This paper provides an overview of these emerging standards and discusses how they fit into the VMware Horizon™ vision of unifying application access and control.
Will Pugh, Kyle Austin