SailPoint Technologies



Similar documents
1 Novell Use Cases. 1.1 Use Case: Per Tenant Identity Provider Configuration Description/User Story Goal or Desired Outcome

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

Fundamental Concepts and Models

Cloud Computing. Cloud computing:

Abstract 1. INTRODUCTION

Chapter 11 Cloud Application Development

Open Data Center Alliance Usage: Cloud Based Identity Provisioning Rev. 1.0

Kroll Ontrack VMware Forum. Survey and Report

Course Details V1.0. Selinis Technologies Pvt Ltd. 2012, All Rights Reserved

Cloud Computing and Big Data What Technical Writers Need to Know

An Oracle White Paper September Oracle Database and the Oracle Database Cloud

THE CLOUD AND ITS EFFECTS ON WEB DEVELOPMENT

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government

Fact Sheet Yellowfin & Cloud Computing

Cloud Computing. Exclusive Research from

In a dynamic economic environment, your company s survival

Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0

Take IT to the Cloud. K12 Education White Paper

Open Data Center Alliance Usage: Single Sign On Authentication REv. 1.0

Salesforce Admin Course Content: Chapter 1 CRM Introduction Introduction to CRM? Why CRM?

Fundamental Concepts and Models

CloudCmp:Comparing Cloud Providers. Raja Abhinay Moparthi

Open Cloud System. (Integration of Eucalyptus, Hadoop and AppScale into deployment of University Private Cloud)

GRNET-4. Offering Cloud Services to the Greek R&E Community. Yannis Mitsos 1 ymitsos@noc.grnet.gr, Panos Louridas 1 louridas@grnet.gr.

Cloud Computing Essentials Course Outline

Emerging Tax Issues Surrounding Cloud Computing Transactions By S. Matthew McNeilly, CPA

globus online Cloud Based Services for Science Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory

Big Data & Its Bigger Possibilities In The Cloud

Identity in the Cloud Use Cases Version 1.0

HOTPin Integration Guide: Google Apps with Active Directory Federated Services


Customer Cloud Architecture for Mobile.

Planning, Provisioning and Deploying Enterprise Clouds with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise

Analysis of the European Platform-as-a-service Market. The Need for Efficient Application Delivery will Influence PaaS Growth

How To Compare Cloud Computing To Cloud Platforms And Cloud Computing

Building Success on Acquia Cloud:

NEXT UP: John Sanderson, Windows Azure Specialist (Denver) Page 1

Open Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0

Getting Familiar with Cloud Terminology. Cloud Dictionary

Persistence Market Research

How to Turn the Promise of the Cloud into an Operational Reality

How cloud computing can transform your business landscape.

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

Research Report. Abstract: The Impact of Cloud Computing on the Channel. September By Jeff Hine and Bill Lundell

CLOUD COMPUTING. Keywords: Cloud Computing, Data Centers, Utility Computing, Virtualization, IAAS, PAAS, SAAS.

CLOUD COMPUTING OVERVIEW

(PACS, EMR, CPOE, RCM,

Ensuring a Thriving Cloud market: Why interoperability matters for business and government

OPEN DATA CENTER ALLIANCE Usage Model: Guide to Interoperability Across Clouds

Cloud Computing Architecture: A Survey

The Cloud Computing Revolution: Beyond the Hype

Cloud Panel Service Evaluation Scenarios

CLOUD COMPUTING IN HIGHER EDUCATION

DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Adoption of Cloud Computing Model in Government

DLT Solutions and Amazon Web Services

SaaS, PaaS & TaaS. By: Raza Usmani

D3.1: Operational SaaS Test lab

MDE Opportunities in Multi-Tenant Cloud Applications

Healthcare: La sicurezza nel Cloud October 18, IBM Corporation

Migrating to the Embedded Cloud:

Cloud Adoption. The definitive guide to a business technology revolution. shaping tomorrow with you

How To Understand Cloud Computing

CLOUD COMPUTING OVERVIEW

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

Cloud Computing. What is Cloud Computing?

Get to Market Quickly With No Upfront Costs. Lorenz Meis, COO at LuxCloud

white paper Using WAN Optimization to support strategic cloud initiatives

Implementing, Serving, and Using Cloud Storage

FI-WARE Cloud Overview

Securely Outsourcing to the Cloud: Five Key Questions to Ask

Webstore - Reselling Cloud

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Building More Reliable Cloud Services The CUMULUS Project

Build A private PaaS.

Service Models. Chapter Three

Cloud Service Rollout. Chapter 9

Proactively Secure Your Cloud Computing Platform

Rapid Application Development

Développement logiciel pour le Cloud (TLC)

Computing Platforms Web applications Business applications Social applications

Cloud Provider Solutions

CSO Cloud Computing Study. January 2012

Katerina Apostolaki, Marketing Manager

Nessus or Metasploit: Security Assessment of OpenStack Cloud

Cloud 101. Mike Gangl, Caltech/JPL, 2015 California Institute of Technology. Government sponsorship acknowledged

How cloud computing can transform your business landscape

Cloud Computing 101 Dissipating the Fog 2012/Dec/xx Grid-Interop 2012

Architectural Implications of Cloud Computing

Kristin Donceel June IBM Corporation

Cloud Computing Essentials Course Outline

Keyword: Cloud computing, service model, deployment model, network layer security.

1 Introduction. 2 What is Cloud Computing?

擁抱雲端 建立高效便捷的服務 Embracing Cloud Computing to reduce cost and complexity

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Prof. Luiz Fernando Bittencourt MO809L. Tópicos em Sistemas Distribuídos 1 semestre, 2015

Phone: Fax:

DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Government s Cloud Computing Programme

Peter Zhang, Ph.D. Principal consultant, ZHTECH Corporation Adjunct Professor, Cal State University, Fullerton

Leveraging Technology New Horizons Computer Learning Center of Memphis

Transcription:

SailPoint Technologies OASIS Cloud ID Technical Committee Use Case Submission Author Darran Rolls, SailPoint Technologies Doc Version 001 Last Changed Date 11/24/10 6:43 AM Change Summary First release of the Cloud ID use cases from SailPoint Technologies Index SailPoint Technologies...1 OASIS Cloud ID Technical Committee Use Case Submission...1 Index...1 1. Use Case One: Describe Entitlement Model...1 2. Use Case Two: List Accounts & Entitlement Assignments...3 3. Use Case Three: Governance Based Provisioning...4 1. Use Case One: Describe Entitlement Model 1.1. Description/User Story 1.1.1. In this use case, the provider of a cloud-based application (either direct SaaS or indirect PaaS) may be obligated to provide documentation that describes the scope and capabilities of the entitlements that it provides for user assignment 1.1.2. Entitlement documentation formats must be machine readable and should enable external management systems to understand and consume its entitlement model for the following purposes 1.1.2.1. Creating external enterprise roles that encapsulate application entitlements for the purpose of assignment management

1.1.2.2. Creating entitlement-to-data mapping that facilitates understand what data elements (structured and unstructured) that may be accesed with a given entitlement 1.2. Goal or Desired Outcome 1.2.1. A goal of this use case is to enable external management systems to collect a detailed understanding of how entitlements are collected together for the purpose of assignment management within the application 1.2.2. A goal of this use case is to enable external management systems to define external encapsulations (roles or managed attribtes) that can be used to control account and entitlement provisioning 1.2.3. A goal of this use case is to enable external management systems to create mapping and management facilities that detail what a given entitlement gives entitlement to. An example being listing an application entitlement and the four processing functions that the entitlement gives access to 1.2.4. A goal of this use case is to enable external management systems to create entitlement glossaries/dictionaries/metadata repositories for enhanced identity governance 1.3. Categories Covered 1.3.1. TBD 1.4. Deployment and Service Models 1.4.1. This use case applies to the following cloud service models 1.4.1.1. Cloud Deployment Models 1.4.1.1.1. Private 1.4.1.1.2. Public 1.4.1.1.3. Community 1.4.1.1.4. Hybrid 1.4.1.2. Service Models 1.4.1.2.1. Software-as-a-Service (SaaS) 1.4.1.2.2. Platform-as-a-Service (PaaS) 1.5. Actors 1.5.1. The following actors take part in this use case 1.5.1.1. Cloud Based Application (CBA) 1.5.1.2. External Identity Governance Application (IGA) 1.6. Systems 1.6.1. TBD 1.7. Notable Services 1.7.1. It is assumed that the Cloud Based Application Provider provides a remote API or request able service point that facilitates the request/response protocol for the collection of the defined entitlement model 1.7.2. The remote API or request able service point that facilitates the request/response protocol for the collection of the defined entitlement model may be provided by an external application proxy or information provider 1.8. Dependencies

1.8.1. TBD 1.9. Assumptions 1.9.1. TBD 1.10. Process Flow 1.10.1. The external Identity Governance Application (IGA) contacts the Cloud Based Application (CBA) and establishes a secure connection 1.10.2. The IGA requests an export of the assignable entitlement model for the application 1.10.3. The CBA creates a machine readable document export of the assignable entitlement model and returns it to the IGA 1.10.4. The IGA then requests an export of the target data (structured and unstructured) that is managed behind a given assignable entitlement 1.10.5. The CBA creates a machine readable document export of the target data (structured and unstructured) that is managed for the defined assignable entitlement 2. Use Case Two: List Accounts & Entitlement Assignments 2.1. Description/User Story 2.1.1. In this use case, the provider of a cloud-based application (either direct SaaS or indirect PaaS) may be obligated to provide documentation that describes the user accounts it maintains and provide details of entitlements and general assigned/managed for it 2.1.2. Entitlement documentation formats must be machine readable and should enable external management systems to understand and consume its account and entitlement assignment model for the purposes of Identity & Access Governance 2.1.3. This use case is differentiated from similar use case required for provisioning as it may be provided without any of the expected write capabilities that usually come with a remote provisioning service / capability 2.2. Goal or Desired Outcome 2.2.1. The goal of this use case is to enable external management systems to collect a detailed understanding of all accounts and entitlements being employed by a target cloud based application 2.3. Categories Covered 2.3.1. TBD 2.4. Deployment and Service Models 2.4.1. This use case applies to the following cloud service models 2.4.1.1. Cloud Deployment Models 2.4.1.1.1. Private 2.4.1.1.2. Public 2.4.1.1.3. Community 2.4.1.1.4. Hybrid 2.4.1.2. Service Models

2.4.1.2.1. Software-as-a-Service (SaaS) 2.4.1.2.2. Platform-as-a-Service (PaaS) 2.5. Actors 2.5.1. The following actors take part in this use case 2.5.1.1. Cloud Based Application (CBA) 2.5.1.2. External Identity Governance Application (IGA) 2.6. Systems 2.6.1. TBD 2.7. Notable Services 2.7.1. It is assumed that the Cloud Based Application (CBA) or its provider enables a remote API or requestable service point that facilitates the request/response protocol for the collection of the defined account and entitlement model 2.7.2. The remote API or requestable service point that facilitates the request/response protocol for the collection of the defined account and assigned entitlement model may be provided by an external application proxy or provider 2.8. Dependencies 2.8.1. TBD 2.9. Assumptions 2.9.1. TBD 2.10. Process Flow 2.10.1. The external Identity Governance Application (IGA) contacts the Cloud Based Application (CBA) and establishes a secure connection 2.10.2. The IGA requests an export of the account and assigned entitlement model for the application 2.10.3. The CBA creates a machine readable document export of the account and assigned entitlement details and returns it to the IGA 3. Use Case Three: Governance Based Provisioning 3.1. Description/User Story 3.1.1. In this use case, the provider of a cloud-based application (either direct SaaS or indirect PaaS) may be obligated to provide a general provisioning API (or service point) that enables external management applications to create, update and delete accounts and entitlement assignments to those accounts. In general this use case does not differentiate between batch and singleton provisioning requests or the means for those fulfillment 3.1.2. This use case include the provisioning of end-user accounts and entitlements and the ability to manage accounts and entitlements within the infrastructure that supports the end-user application 3.1.3. This use case is not significantly differentiated from general-purpose (non-cloud based) provisioning capabilities and/or existing standards and protocols. The reason for including it here is to highlight the requirement for value-based, identity enabled services to provide a remote provisioning capability for the purpose of enhanced Identity and Access Governance

3.2. Goal or Desired Outcome 3.2.1. A goal of this use case is to enable external management systems to interact with the application to create, update and delete accounts and entitlement assignments to those accounts 3.2.2. A goal of this use case is to enable external management systems to interact with the application to create, update and delete accounts and entitlement assignments within the infrastructure that supports the end-user application 3.3. Categories Covered 3.3.1. TBD 3.4. Deployment and Service Models 3.4.1. This use case applies to the following cloud service models 3.5. Actors 3.4.1.1. Cloud Deployment Models 3.4.1.1.1. Private 3.4.1.1.2. Public 3.4.1.1.3. Community 3.4.1.1.4. Hybrid 3.4.1.2. Service Models 3.4.1.2.1. Software-as-a-Service (SaaS) 3.4.1.2.2. Platform-as-a-Service (PaaS) 3.4.1.2.3. Infrastructure-as-a-Service (IaaS) 3.5.1. The following actors take part in this use case 3.5.1.1. Cloud Based Application (CBA) 3.5.1.2. External Identity Governance Application (IGA) 3.6. Systems 3.6.1. TBD 3.7. Notable Services 3.7.1. It is assumed that the Cloud Based Application (CBA) or its provider enables a remote API or requestable service point that facilitates the request/response protocol for the provisioning actions listed in this use case 3.7.2. The remote API or requestable service point that facilitates the request/response protocol for the collection of the defined account and assigned entitlement model may be provided by an external application proxy or provider 3.8. Dependencies 3.8.1. TBD 3.9. Assumptions 3.9.1. TBD

3.10. Process Flow 3.10.1. The external Identity Governance Application (IGA) contacts the Cloud Based Application (CBA) and establishes a secure connection 3.10.2. The IGA requests of the following actions for a single account or a batch /collection of accounts and passes in all required information to service its request 3.10.2.1. Create Account 3.10.2.2. Update Account Attributes 3.10.2.3. Assign Entitlements 3.10.2.4. Remove Entitlements 3.10.2.5. Enable/Disable Account 3.10.2.6. Delete Account 3.10.3. The CBA carries out the requested action and returns status to the IGA

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information