Identity management across multiple SaaS (software-as-a-Service) applications as well as on-premise systems is a challenge to most enterprises. Challenges in Identity Management in the cloud, simply goes beyond how we do authentication, authorization and auditing right. Cross domain authentication, provisioning, interoperability, multi-tenancy, delegation and security are few challenges to name. The best way to preserve interoperability is to adhere to open standards. Lots of proprietary standards came a long way, but at the time they felt a larger audience is needed and interactions with other systems, those became open standards. SAML2 Web SSO, OpenID, OAuth are some popular open standards, widely used across many cloud providers for authenticating users while facilitating identity portability. WS-Trust, WS-Federation used to cater the same aspect while dealing with systems. XACML is another open standard, which is considered to be the de-facto standard for authorization. It facilitates fine-grained authorization in a policy driven manner. Provisioning is also an important aspect in a cloud identity management system. SPML failed to be the de-facto standard for provisioning due to its heavyweight nature and being bias to SOAP. The latest emerging standard for provisioning is SCIM, which is still in progress at the specification level, but looks promising.
