In an age of complexity with IT networks, simplicity is a virtue. When it comes to directory services, that translates to having one core identity provider (IdP) to regulate access to all of your IT resources.
Finding one core identity provider to rule them all is the challenge. The good news is that a next generation cloud identity and access management (CIAM) platform has emerged that has revitalized the concept of the IdP for modern IT networks.
It’s called JumpCloud® Directory-as-a-Service®. Before we dive into the benefits of this cloud identity management platform, however, we should outline the characteristics of the traditional IdP. In doing so, the benefits of having one core identity provider will be revealed.
Legacy Identity Provider Characteristics
The origin of the identity provider dates back to the advent of the Lightweight Directory Access Protocol (LDAP). LDAP was developed in 1993 at the University of Michigan. Tim Howes, a JumpCloud advisor, was the lead developer. He told us they created LDAP to help secure decentralized IT.
The advent of LDAP subsequently led to the creation of the two most popular on-prem identity providers from the late 1990s. The first was the open source iteration of LDAP, which goes by the moniker OpenLDAP™. The other solution came from Microsoft® and combined LDAP with the Kerberos protocol to provide management capabilities for Windows®-based IT resources. It’s called Active Directory® (AD).
Of course, AD has been far more dominant in the enterprise than OpenLDAP over the years. In fact, the Microsoft directory services platform has remained the preferred IdP to date. The issue for modern IT organizations is that AD (and OpenLDAP) have been in decline since the mid-2000s.
The decline of the conventional identity provider began when web applications like Salesforce started to replace on-prem applications. Shortly thereafter, macOS and Linux devices gained a foothold in the enterprise. These new (at the time) solutions could not be bound to a domain controller. Consequently, direct management with AD and/or OpenLDAP was inconceivable.
The situation would only get worse for the legacy IdP with (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/one-core-identity-provider/