Levels of Federation and Services in Cloud
Pre-requisite:- Cloud Federation
The implementation and management of several internal and external cloud computing services to meet business demands is known as cloud federation, sometimes known as federated cloud. A global cloud system combines community, private, and public clouds into scalable computing platforms. By utilizing a common standard to link the cloud environments of several cloud providers, a federated cloud is built.
Levels of Cloud Federation
Cloud Federation stack
Each level of the cloud federation poses unique problems and functions at a different level of the IT stack. Then, several strategies and technologies are needed. The answers to the problems encountered at each of these levels when combined form a reference model for a cloud federation.
The difficulties in presenting a cloud federation as an advantageous option for using services rented from a single cloud provider are addressed at the conceptual level. At this level, it’s crucial to define the new opportunities that a federated environment brings in comparison to a single-provider solution and to explicitly describe the benefits of joining a federation for service providers or service users.
At this level, the following factors need attention:
- The reasons that cloud providers would want to join a federation.
- Motivations for service users to use a federation.
- Benefits for service providers who rent their services to other service providers. Once a provider joins the federation, they have obligations.
- Agreements on trust between suppliers.
- Consumers versus transparency.
The incentives of service providers and customers joining a federation stand out among these factors as being the most important.
Logical and Operational Level
The obstacles in creating a framework that allows the aggregation of providers from various administrative domains within the context of a single overlay infrastructure, or cloud federation, are identified and addressed at the logical and operational level of a federated cloud.
Policies and guidelines for cooperation are established at this level. Additionally, this is the layer where choices are made regarding how and when to use a service from another provider that is being leased or leveraged. The operational component characterizes and molds the dynamic behavior of the federation as a result of the decisions made by the individual providers, while the logical component specifies the context in which agreements among providers are made and services are negotiated.
At this level, MOCC is put into precise and becomes a reality. At this stage, it’s crucial to deal with the following difficulties:
- How ought a federation should be portrayed?
- How should a cloud service, a cloud provider, or an agreement be modeled and represented?
- How should the regulations and standards that permit providers to join a federation be defined?
- What procedures are in place to resolve disputes between providers?
- What obligations does each supplier have to the other?
- When should consumers and providers utilize the federation?
- What categories of services are more likely to be rented than purchased?
- Which percentage of the resources should be leased, and how should we value the resources that are leased?
Both academia and industry have potential at the logical and operational levels.
The technological difficulties in making it possible for various cloud computing systems to work together seamlessly are dealt with at the infrastructure level. It addresses the technical obstacles keeping distinct cloud computing systems from existing inside various administrative domains. These obstacles can be removed by using standardized protocols and interfaces.
The following concerns should be addressed at this level:
- What types of standards ought to be applied?
- How should interfaces and protocols be created to work together?
- Which technologies should be used for collaboration?
- How can we design platform components, software systems, and services that support interoperability?
Only open standards and interfaces allow for interoperability and composition amongst various cloud computing companies. Additionally, the Cloud Computing Reference Model has layers that each has significantly different interfaces and protocols.
Services of Cloud Federation
Active Directory Federation Services (ADFS)
Microsoft developed the Single Sign-On (SSO) system known as (ADFS). It serves as a component of Windows Server operating systems, giving users authenticated access to programs through Active Directory that cannot use Integrated Windows Authentication (IWA) (AD).
Through a proxy service located between Active Directory and the intended application, ADFS manages authentication. Users’ access is granted through the usage of a Federated Trust, which connects ADFS and the intended application. As a result, users no longer need to directly validate their identity on the federated application in order to log on.
These Four Phases are typically followed by the Authentication Process:
- The user accesses a URL that the ADFS service has provided.
- The user is then verified by the AD service of the company through the ADFS service.
- The ADFS service then gives the user an authentication claim after successful authentication.
- The target application then receives this claim from the user’s browser and decides whether to grant or deny access based on the Federated Trust service established.
Cloud-based Single Sign-On and Identity Federation without ADFS
Applications can assign user authentication duties to a different system through a process known as identity federation. You can accomplish single sign-on, where users only need to log in once to be able to access any number of their applications, by delegating access for all of your applications through a single federation system. But because federation enables organizations to centralize the access management function, it is far more significant than single sign-on (see our piece on this). User experience, security, application onboarding, service logging and monitoring, operational efficiency in IT, and many other areas may all benefit from this.
Radiant One Cloud Federation Service: You’re On-Premises IdP
The newest addition to the Radiant One package is the Cloud Federation Service (CFS), which is powered by identity virtualization. Together with Radiant One FID, CFS isolates your external and cloud applications from the complexity of your identity systems by delegating the work of authenticating against all of your identity stores to a single common virtual layer.
Please Login to comment...