CLOUD IDENTITY AND ACCESS MANAGEMENT – A MODEL PROPOSAL

Abstract

This paper discusses the application of cloud identity and access management in digital transformation and cloud adoption. Cloud computing refers to a fusion of various technologies, including grid computing and distributed computing, that makes use of the Internet as a service delivery network [1]. Organizations need the ability to choose the services and pricing models that best meet their needs, and budgetary constraints. It is the cloud service providers that set the price model for their cloud services, considering factors like instance size, utilization size (per hour), users’ size (per user), infrastructure size (per hour), and service size (per service). The majority of businesses are hosting or implementing web services in a cloud infrastructure for the convenience of administration and increased availability [1]. Multi-tenant setups are also utilized in cloud-based services to reduce the cost considerations associated with the services. To accomplish multi-tenancy in the cloud, virtual environments are utilized. A vulnerability in virtual machines poses a direct danger to the privacy and security of the people who are using them [2]. Security problems in cloud web services are found in particular areas such as authentication, authorization, data protection, and accountability, among other things. Cloud security is critical to business and technology sustainability. Even though the "trust boundary" is largely static and monitored and managed by the IT unit in a centralized company where functionality is being implemented within the perimeter of the company, the trust limit becomes dynamic and moves beyond IT command with the adoption of cloud computing [3]. A company's servers, systems, and applications boundaries will expand into the service provider domains. In addition, this loss of control poses a threat to the existing trusted governance and management paradigm, and it has the potential to impede the adoption of cloud services inside an organization if it is not handled correctly. Modern organizations understand the significance of protecting identities in the era of remote work and cloud hosting inside the zero boundaries, Zero Trust. However, as the quantity, kinds, and interrelationships of identities continue to grow exponentially across cloud settings, it is clear that this is a far easier said than done task [3]. Cloud security is widely acknowledged to be a shared duty between cloud service providers and their customers, at least in theory. In the process of determining the best Identity and Access Management (IAM) policies for these settings, many companies are confronted with issues such as: When are cloud-native technologies adequate, and when should we explore specialist solutions from other vendors? With all of the IT security jargon flying about, it may be difficult to discern the difference.