Comment: Privacy, Trust and Identity in the Cloud

Content-sensitive IAM controls have the ability to ease some of the trust, privacy, and identity concerns regarding the cloud, says ISACA's Mike Small
Content-sensitive IAM controls have the ability to ease some of the trust, privacy, and identity concerns regarding the cloud, says ISACA's Mike Small
Discretionary access control
Discretionary access control
Content-sensitive IAM
Content-sensitive IAM

The internet, and social networking sites in particular, are redefining privacy in the world today. Privacy, in this case, means that people are able to control what information about themselves is made available to other people.

There is no universal agreement on what is private: different cultures hold different views on this issue, and what is considered private changes over time. For example, whereas individual tax returns in the UK are private, in Norway the earnings of every citizen are publicly available. This openness helps ensure that people are correctly taxed, but it could also put people with high incomes at risk of theft, kidnapping and extortion.

Privacy, therefore, is a balance.

Governments have recognized the importance of privacy and have legislated on this issue. However, this legislation is primarily aimed at governments and organizations holding personal data. It does not protect the individual from themselves, or the organization from the employee acting as a private individual.

Someone using a social networking site is at liberty to give away personal information – even to their own detriment. They can also deliberately or inadvertently pass information or make comments that could damage their employer. They can also send ill-judged messages that are publicly visible using Twitter.

Trust is important because it forms the basis upon which personal and commercial transactions take place. Trust is, in some ways, in conflict with privacy. Privacy can be the friend of the confidence trickster or criminal, by allowing them to conceal their identity and their previous activities.

How can trust be enforced on the internet, where it is not always easy to identify individuals and where transactions take place? An alternative approach is the one adopted by eBay, where each buyer and seller has a feedback rating. If an eBay seller consistently behaves in a trustworthy manner, then their rating increases; conversely, if they do not, then it decreases. People can chose whether or not to transact with one another based on this rating.

In the cloud, no one knows who you are. The threat of impersonation is very real, and a self-created user identity is no longer adequate.

One solution to this is through ‘claims-based’ authentication. Here, a trusted authentication system makes a ‘claim’ of the user’s identity to the cloud system, which then relies upon this claim. This is similar to a citizen of one country using a passport to enter another country.

Identity federation is a technology for claims-based authentication between organizations. The user is authenticated by logging into their organization’s network. When they access a cloud application their identity is passed to the cloud provider. This method typically uses SAML (Security Assertion Markup Language) or ADFS (Active Directory Federation Services). The technology is secure, but identity federation depends upon trust between the two organizations, which needs to be underpinned by legal agreements.

What about individuals? People with a Belgian Identity card can use the card to register their identity on eBay. Using a card reader, eBay users from Belgium can now log into eBay in a way that provides extra certainty about their identity.

Identity and Access Management (IAM) normally controls access to specific resources. This form of access control does not help when data is unstructured, and messages are being created on the fly. Content-sensitive IAM extends control to cover data based on its content. The control is enforced at the time the data is created, discovered, or transmitted. This has the potential to protect organizations against data leakage and individuals against posting messages they later regret.

The cloud now provides many services that are used by individuals and enterprises alike. Its emergence has created new challenges relating to privacy, trust and identity. Privacy legislation and normal access technology does not help protect the individual against their own misjudgments, or the organization against the mistakes of their employees. Content-sensitive controls have the potential to provide a solution for some of the issues.


Mike Small, a member of the ISACA Security Advisory Group, London chapter, is a fellow analyst at Kuppinger Cole and Partner. Until 2009, Small worked for CA where he developed CA’s identity and access management product strategy. He is a frequent speaker at IT security events around EMEA and contributor to the security press.

What’s Hot on Infosecurity Magazine?