Thursday, October 14, 2010

Netflix in the Cloud

Netflix is adopting (public) cloud with full force. Check out these few slides around the drivers and their roadmap for such move. Does it mean in the future IaaS providers will start to provision nVidia/ATI GPU based machines for faster video codec processing?

Thursday, October 7, 2010

Cloud SSO heating up

In the early part of this decade, SSO vendors (Oblix, Netegrity, Tivoli, etc.) provided solution that made life simple and brought efficiencies for both employees and IT by eliminating the need to remember and maintain/reset tens if not hundreds of username/password combinations that allowed employees to access internal applications needed for their job.

In the next wave, these SSO solutions moved into partner and consumer facing applications where federation was brought in to mediate between different security systems leading to popularization of SAML standard.

Fast forward to now - As new set of applications get delivered as SaaS, SSO had to catch-up with this new deployment model, and new products/solutions are emerging to solve these challenges.

  • TriCipher (acquired by VmWare) - VmWare saw this need early on as it tries to deliver the vCloud platform. This piece may also become the security mediator between vCloud deployments and external SaaS/cloud offerings. Will have to watch what VmWare does with it.
  • PingIdentity - The PingFederate solution addresses this need. PingIdentity has been a pioneer in the SAML federation space.
  • Symplified - Started by ex-PingIdentity folks, it has quickly earned a name for itself in this space.
  • Vordel - It's Cloud Service Broker provides solution in this space.
  • Citrix OpenCloud Access - This is the latest addition to this space, available as an optional module for Citrix Netscaler. Announced yesterday at Citrix Synergy (Citrix's annual user conference), this should also help Citrix implicitly sell more of it's GoToMeeting product line.
As you can see the market for Cloud SSO is heating up ...

Access Google address book via LDAP using OVD

My colleague Mark Wilcox who also runs a blog created an integration between Oracle Virtual Directory (OVD) and Google address book.
This solves use cases for customers who use Google Apps for business, and would also like to use Google as their source of identity instead of maintaining user profiles in their own LDAP stores. OVD provides a nice virtual LDAP interface on top of this Google identity store. Customers can leverage it for SSO of their enterprise apps using Google identities. Where there's a need to add custom attributes to the user's Google profile, OVD has a provision to allow addition of such attributes without modifying the schema of Google identity store (which anyways is inaccessible).

Note that this is different from the SAML federation that Google supports for access to "Google Apps" using enterprise identities that come from enterprise LDAP.