« The Loser's Game | Main | Valuable Lessons from Hyundai Capital CEO »




Great point, and one that will work particularly well with the US government, enterprise and others. Particularly applications as a service and also for other service modes. Does the enterprise really want to outsource provisioning?

Cloud providers should pay more attention to incorporating existing identity, credential and access management schemes and their associated validation infrastructures than trying to re-invent the wheel. I find it very interesting the extent to which any cloud provider has (not) promoted an ability to adopt PIV or PIV-I credentials. Some of this results from the weakness of many existing IdPs but this is certainly not the case with the Fed. Its a use case waiting to be exploited.

If nothing else enterprise or other identity credentials could be used as breeder credentials linked to identifiers cloud service provides can then manage and synchronize with regards to status (e.g. valid/suspended/revoked).



The comments to this entry are closed.