Problem
Carefully read the article on Cloud-based Identity & Access Management (CB-IAM), a type of access control software. Once you have done so, answer the following questions based on the article and/or based on internet research which you perform:
A. What are the main types/classes of CB-IAMs identified in the article?
B. What do you believe are the relative strengths and weaknesses of these different types of CB-IAM from both a security and privacy perspective?
C. The article identifies some potential weaknesses of CB-IAM in general. What are they?
D. What OTHER security weaknesses can you think of that apply to CB-IAM?
E. What security controls could be implemented to mitigate these?
F. Identity and Access Management software is available as a standalone application (IAM), or as a service from the cloud (CB-IAM). What are the relative security and privacy advantages and disadvantages of these different modes of delivery - local versus cloud?