Novell Cloud Security Service
Encyclopedia
Novell Cloud Security Service (NCSS) is a Web-based (SaaS) identity
and access management
solution, currently in private beta but scheduled for release in early 2010. NCSS allows SaaS
, PaaS
, and IaaS
providers to offer their enterprise customers the ability to deploy their existing identity infrastructure in the cloud
.
. This secure bridge, which is firewall
friendly, provides a protocol proxy, policy agent, audit agent, secure communication manager and key agent. The broker ensures that sensitive information always remains behind the firewall.
functionality that maintains the cryptographic keys necessary for communication between the various components.
Identity management
Identity management is a broad administrative area that deals with identifying individuals in a system and controlling access to the resources in that system by placing restrictions on the established identities of the individuals.Identity management is multidisciplinary and covers many...
and access management
Access management
Access management, when used in traffic and traffic engineering circles, generally refers to the regulation of interchanges, intersections, driveways and median openings to a roadway. Its objectives are to enable access to land uses while maintaining roadway safety and mobility through controlling...
solution, currently in private beta but scheduled for release in early 2010. NCSS allows SaaS
Saas
SAAS is an abbreviation for* Social Accountability Accreditation Services* Software as a service * Student Awards Agency for Scotland* Seattle Academy of Arts and Sciences* South Australian Ambulance Service...
, PaaS
Paas
Paas is a brand of Easter egg dye. It is currently owned by Signature Brands, LLC.-History:The original PAAS Easter egg dye was invented by an American named William Townley. Townley was an owner of a drug store in Newark, New Jersey, where he concocted recipes for home products...
, and IaaS
IAAS
IAAS can refer to the following:*Incorporated Association of Architects and Surveyors, British professional body renamed 1993 as the Association of Building Engineers* Institute of Agriculture and Animal Science, institute of Tribhuvan University, Nepal...
providers to offer their enterprise customers the ability to deploy their existing identity infrastructure in the cloud
Cloud computing
Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility over a network ....
.
Core Functionality
At the core of NCSS is the Cloud Security Broker, a collection of cloud elements that work together to provide a secure place for cloud workloads and cloud storage. SaaS and PaaS platforms access the Security Broker via identity and event connectors provided by NCSS, while the enterprise accesses the broker via an on-premise secure bridge run from the data centerData center
A data center is a facility used to house computer systems and associated components, such as telecommunications and storage systems...
. This secure bridge, which is firewall
Firewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
friendly, provides a protocol proxy, policy agent, audit agent, secure communication manager and key agent. The broker ensures that sensitive information always remains behind the firewall.
How It Works
When an enterprise engages a SaaS provider that uses Novell Cloud Security Service, a user at that enterprise will either log on to the service directly or via the enterprise’s existing identity systems. A "Cloud Security Broker" will then verify the identity of the user. If the user is valid, the broker generates and passes an identity token in the format requested by the cloud provider. NCSS supports multiple industry standards and identity management systems enabling different SaaS vendors to connect to different enterprise identity systems easily. NCSS also provides connectors on the SaaS provider side that provide deep audit tracking logs that enterprises can use for compliance purposes.Additional Features
NCSS features a graphical dashboard interface for providers and their customers to easily manage all their connections via a single unified interface. It also includes a key managementKey management
Key management is the provisions made in a cryptography system design that are related to generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.Key management concerns...
functionality that maintains the cryptographic keys necessary for communication between the various components.