Ten years ago people speak “all originated in the code of the Internet”, ten years later it was found that the cloud computing is engulfing the entire world, in the current society as a whole comprehensive “cloud”, under the trend of cloud security problem has received the widespread attention, recently whether ali cloud or huawei full connection assembly, focusing on security issues. Whether it is ali security team’s “Cloud Security will solve the problem” at the Cloud Computing Conference, or wei Xiaoqiang, vice president of 360 Group’s Cloud Security Research Institute’s “New Generation network security Framework – Connected cloud Platform” and other keynote speeches at the Full Connectivity Conference, they have aroused wide resonance in the industry. In may, Google’s Project Zero security team revealed some of the bugs it found in Apple’s Image I/O. The Image I/O library is a multimedia library shared by iOS, MacOS, WatchOS, and TVOS, so the flaw exposed by Google affects almost every major Apple platform. Recently frequent security incident shows, balance the relationship between safety and efficiency, also is a difficult problem for large cloud service provider, and in the witnessed the cloud after two sound to the top of the industry will be connected to the full, found a company called Authing start-up, from the perspective of identity authentication authorization to solve a lot of cloud security problems in real life. Since the birth of the concept of “cloud computing” in 2006, the tide of enterprise cloud has swept the world. Enterprises can flexibly use resources and expand the flexible and easily managed service mode after cloud service, which can improve the efficiency of resource allocation and reduce the cost of information construction. There is a saying in the industry that “after the system is on the cloud, the hardware input cost is reduced by nearly 2/3”.
At the same time, network security incidents have been sounding the alarm like a ghost. According to Verizon’s data Breach Investigation Report 2020, attacks on Web applications accounted for 43% of the total number of breaches, more than double the number in 2019, and the vast majority of effective attacks were directly related to identity authentication issues. Researchers say this is because companies are moving more of their workflows to cloud services, and once a hacker discovers a security flaw in a cloud service provider, the scope of the attack and damage is exponentially larger than it would have been otherwise. Therefore, users not only need to access the cloud, but also need to choose a secure path to access the cloud, which also puts forward higher requirements on the security capabilities of cloud vendors.
In response to the growing demand for cloud security, the International Cloud Security Alliance (CSA) was established in 2009. Later, THE Cloud Security Guide issued by CSA has become the most authoritative security guide in the field of cloud computing. At present, in the field of cloud security technology, in addition to Microsoft, Amazon and other traditional cloud service giants, there are also a number of foreign cloud security start-ups, and Authing is one of them. Cloud security technologies are becoming increasingly important, and cloud-based identity authentication is creating significant value. Estonia, a Baltic country in eastern Europe, is often referred to as the “Baltic Tiger” because of its advanced information technology, and has succeeded in becoming a high-income country. The secret lies in the rapid rise in popularity of the country through its “cloud ID card”.
Estonia announced in October 2014 open to the world all “digital citizens” id service, this also is the world’s first electronic civil project, the Estonian government aims to Estonia and convenient network of industrial and commercial administrative service to the people all over the world, let the whole world Internet entrepreneurs more convenient, more entrepreneurial at low cost. So far, more than 10 million citizens from more than 50 countries have applied for Estonian e-citizenship, and the number is still rising. In May 2015, the Estonian government introduced a new policy, which does not require applicants to go to the Estonian embassy to apply. Instead, applicants can apply online. They only need to fill in a simple information on the official website and pay a 50 euro application fee with a credit card.
As long as there is the electronic identity card, even if not in Estonia and foreigners through the Internet to enjoy Estonia’s business and banking services, government services, for example, you can points minutes on the Internet company registered a formal Estonia (revenue rate is 0%), also can open Estonia bank account on the Internet, direct investment can fry stock, These services are extremely useful for this era of digital residents and Internet entrepreneurs alike. It also makes people exclaim that security certification can create value.
Such a miracle is also happening in China. At present, behind the substantial development of China's cloud computing industry, one of the major benefits that enterprises can enjoy on the cloud is the data security capability based on hardware. Traditional data security products are mostly based on software. At present, Ali Cloud, Microsoft and IBM have provided customers with "trusted execution environment", which is a solution based on processor hardware protection and prevents data leakage during operation by combining software and hardware. Cloud vendors have the advantages of scale of computing resources and other innate conditions, so that they can use a variety of cutting-edge technologies such as encryption computing to ensure user data security, so as to enhance cloud security on the enterprise.Copy the codeBased on this background, Authing identity cloud and other security enterprises have been able to develop substantially. As we have just said, how to balance the relationship between security and efficiency is actually a problem in front of the major cloud service providers. In the past, due to the limitation of security, the efficiency of identity authentication in traditional industries, especially in education, is often relatively low. The method of “user name and password” is mainly used to achieve user identity authentication. The traditional authentication method of user name and password is used in all systems. The mechanism of user name and password is easy to leak or be guessed by others due to the user’s weak security awareness. For example, college students in China often need to submit work forms if they forget the passwords of relevant service users, which can only be retrieved after several days of manual operation by the publishing house. Moreover, mobile phones, wechat, email and other channels have not been opened, which also brings a lot of inconvenience to the students.
However, after Authing identity cloud entered the field of education, all this has changed significantly. Maybe now college students have no discomfort in searching after-class answers. As long as they are bound to wechat and mobile phone numbers, the user’s identity information will not be lost any more. On the premise of improving security indicators, it can also improve efficiency, which is the value created by identity authentication. Behind this calm time, Authing is just pushing forward for us.
IDaaS identity as a Service is the IAM (Identity and Access Management) service of the cloud computing era, also known as IAM as a SaaS. It provides single sign-on, powerful authentication management, policy-based centralized authorization and auditing, dynamic authorization, enterprise manageability, and more. Compared with traditional security, IDaaS has obvious disadvantages and advantages. Looking at the development situation of the entire information security field, IDaaS and other cloud native security schemes are gradually rising, mainly because Internet security meets the following three challenges: high cost and duplicate wheels: The traditional security scheme requires enterprises to purchase dozens or even hundreds of security products to initially establish the enterprise security system, which is costly and wasteful of repeated construction for the security system. The traditional security model is the external security outside the IT system: when enterprises use IT infrastructure such as network, storage, database, etc., they often purchase from different manufacturers and have different brands of security products. Therefore, security products can only be deployed outside the infrastructure to do “external hanging security”. How to make security products and products, security products and infrastructure to do better linkage? This is a big challenge for traditional security vendors. Traditional security products have high barriers to use: this makes security products a “luxury” : Companies to buy security products to use, light must also have a special security personnel to use can really play to the effect, then USES mostly offline security vendor products and services sales way, because it could not constitute a relatively linkage system, lead to enterprise need to hire a lot of security professionals to special operations, increase cost, As a result, most enterprises do not have enough professional security personnel to operate. In the process of enterprise digital transformation, IT infrastructure and applications are gradually moving to the cloud, and security is also moving to the cloud. In the cloud virtualization environment, service traffic is more complex, so cloud protection methods will become more diversified and complicated. Cloud change the underlying infrastructure architecture of the enterprise, the traditional security architecture is no longer suitable for the cloud, the cloud security will redefine the security architecture of the enterprise, and IDaaS this natural cloud native solution, can be directly with cloud computing framework, cloud can be perfectly solved in the field of security, efficiency and security of both it too. According to a study by O’ReillyMedia and Dynatrace, it is estimated that 92% of enterprises will implement cloud native security by 2021, and cloud native security will be the future development direction in the security field. In the process of enterprise digital transformation, their infrastructure technology architecture will be cloud. Enterprise architectures, which used to be simple single-point systems, have evolved into distributed architectures based on cloud-based underlying technologies. Since the enterprise infrastructure technology uses cloud native technology, the security technology architecture built on the underlying architecture must also be adapted to cloud native technology, and IDaaS is exactly the model of cloud native security technology. The next generation security architecture based on IDaaS security capability can realize the integration of cloud infrastructure and security capability, solve the dilemma of high cost of traditional security system, and combine IDaaS and IT infrastructure more closely. Tight coupling of native security, so as to achieve security management, security risk monitoring, with a console to achieve all aspects of identity assets security management. Moreover, because IDaaS can naturally link with the threat intelligence of the cloud platform, it can realize the automatic response of the whole network for identity authentication security risks, which is reduced from the traditional hour level to the minute level, greatly reducing the loss caused by security incidents to enterprises.
Looking at the global market, the world’s top cloud manufacturers are in the direction of unified, cloud biological security management. Now cloud security has gradually become the industry consensus, domestic cloud manufacturers linked together, jointly create cloud security ecology has become the development trend of the industry in the future. With the new infrastructure policy, global digital transformation and rapid development of 5G, artificial intelligence, cloud computing, big data and other technologies, the demand for IDaaS will continue to grow, and I believe IDaaS has a promising future.