Radiant Logic Announces Cloud Federation Service and VDS

One of the more important elements of building a private cloud is keeping the cloud private--private in the sense that only those who are authorized to access it are allowed to use it, while everyone else is kept out.

Radiant Logic may have the answer to keeping private clouds private with its latest iteration of RadiantOne Virtual Directory Server Plus, also known as VDS+. The product is designed to manage and consolidate an organization's various directories, making user access easier to manage.

VDS+ also integrates with Radiant Logic’s new RadiantOne Cloud Federation Service (CFS), which allows cloud services providers (including internal, private cloud hosts) to incorporate their own identity and access management schemes. Traditionally, the trusted sharing of processes and data across disparate systems has been difficult to achieve, making it challenging to federate operational security.

The combination of VDS+ and CFS consolidates identity management across a mix of identity stores, including LDAP directories, databases and Web services.

"It’s a struggle to provide single sign-on when your identities are scattered across multiple Active Directory domains and forests, databases and applications," says Dieter Schuller, VP of business development at Radiant Logic. "But CFS, together with VDS+, brings a complete identity service based on virtualization to an entire enterprise infrastructure. This common identity layer can then be tied securely to applications, no matter where they are—including the cloud."

When a user logs in, the cloud service provides links to applications hosted internally and online, preventing the need for additional authentication by those cloud services. That allows access to private clouds to be combined with other secure access services, simplifying the log-on process for users while reducing help desk calls (for such things as lost passwords) and making it easier for administrators to control and audit access to systems.What’s more, CFS includes a service that authenticates users and generates vendor-specific security tokens to deliver to specific applications. CFS can also authenticate identities belonging to different Active Directory domains and forests, extending single-sign-on functionality to users residing in different forests.

CFS adheres to industry standards, such as SAML 2.0 and WS Federation, further simplifying federation of user access. CFS can integrate with other authentication mechanisms, such as Windows Azure Access Control Service and Active Directory Federation Service, as well as with Web access management products, including CA's SiteMinder, Ping Identity's PingFederate and the open source OpenAM and Shibboleth.

Gregg Kreizman and Ant Allan, research director and VP, respectively, Gartner, stated in their report "Key Issues for Identity and Access Management 2011," published in February, that "mobility and cloud computing are stretching and breaking traditional IAM processes and infrastructure. The same IAM functions are needed for the cloud; however, they are just not readily available as mature, abstracted or brokered services. Rather, each IAM function (administration, access and intelligence) is delivered independently by the cloud application provider."

Radiant Logic said in a statement that cloud services supported include Microsoft SharePoint 2010, Salesforce, Google Apps for Education and Cisco WebEx.

See more on this topic by subscribing to Network Computing Pro Reports Research: Enterprise Apps 2011 (subscription required).