Cloud Identity

  • TYPE: Combined Session DATE: Thursday, May 15, 2014 TIME: 14:30-15:30 LOCATION: AMMERSEE II


The Cloud IAM market is currently driven by services that focus on providing Single Sign-On to various Cloud services as their major feature and business benefit. This will change, with two distinct evolutions of more advanced services forming the market: Cloud-based IAM/IAG (Identity Access Management/Governance) as an alternative to on-premise IAM suites, and Cloud IAM solutions that bring a combination of directory services, user management, and access management to the Cloud.

There are many terms for what we call “Cloud IAM” for Cloud Identity and Access Management. IDMaaS (Identity Management as a Service), IDaaS (Identity as a Service), and various other names are used. However, there is no common understanding of what constitutes that market segment. Vendors have taken different paths to this market segment. One common denominator is Cloud Single Sign-On, which allows users to access a portal that links to “his” (or “her”) Cloud services and provides a seamless login, either based on passing through username and password or relying on Identity Federation standards.

This will change, but there will be at least two distinct approaches to Cloud IAM that overlap in their core functionality. One is Cloud-based IAM/IAG that provides Identity Provisioning and Access Governance capabilities as a Cloud service. These services in fact are a direct counterpart to established on-premise Identity Provisioning and Access Governance solutions. These types of solutions also provide good out-of-the-box integration with on-premise systems, allowing management and governance for identities and access to these services.

The second group of solutions primarily focuses on managing what we call the “new ABC: Agile Businesses: Connected”. They focus on managing external users, such as business partners and customers, and their access to Cloud services and on-premise web-based applications. Commonly, these services are a combination of identity federation, self-service registration, directory services, and access management solutions, all provided as a Cloud service.

While both groups of solutions might converge in the long run, both provide far more functionality than just Cloud Single Sign-On, which will not remain sufficient for success in business.

In this session, Mike Small will explain the evolution and convergence of Cloud IAM, talk about selection criteria and look at vendors in that market segment.


"To cloud or not to cloud?" - this is no longer the question. It is rather to what extent and depth enterprises leverage cloud computing. With identity and access management (IAM) solutions for their internal IT systems, enterprises have achieved a high level of security, transparency and compliance. They do not want to go back to the old days of erratic and insecure identity management when they have to deal with multiple cloud providers and their proprietary user management interfaces.

Integrating and maintaining each cloud application individually within the enterprise IAM solution is no real alternative. Obviously, building a pure Cloud IAM besides the existing on-site IAM is also not the most elegant way to solve the challenge. The target should be to use an approach that seamlessly connects the enterprise IAM solution with a multitude of cloud services in a standardized, centralized way.

In this panel session, we will discuss about architectural approaches for extending IAM to the Cloud, in order to allow managing all identities and access in a consistent way.


Per’s goal is to establish neXus as the comparative in the digitial identity and authentication industry by delivering continuous innovation in neXus products and services. Per was previously CTO of PortWise and prior to this he held senior postions at Icon Medialab and WM-data. In...

Paul Madsen is a Principal Technical Architect within the Office of the CTO at Ping Identity. He has participated in various design, chairing, editing, and education roles for a number of identity standards, including OASIS SAML,  Simple Cloud Identity Management (SCIM), OAuth 2.0, and TV...

Bart has worked for VASCO since 1998 and has served in different roles within the company. He started by building the Customer Services department and was responsible for all pre- and post-sales activities at VASCO. After that he switched to a sales position heading the company’s...

Don Schmidt is a Principal Program Manager in the Windows Azure Active Directory engineering team at Microsoft with over 30 years of successful software and standards development experience in security, federated identity and attribute-based access control. He is considered a trusted advisor...

Log in to download the presentation:  


Session Links


European Identity & Cloud Conference 2014

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 13 - 16, 2014 Munich, Germany