Jul 21st, 2008 | Vadim Lander, CA Canada
Identity and Virtualization — the start of a discussion (Vadim Lander, Distinguished Engineer)
The other day I was re-configuring a VMware instance of our SiteMinder product when a simple realization hit me. What if this were an image containing some kind of secure application or sensitive financial data? I would be able to change the application, change the data or plant a virus. And if someone else with no knowledge of my attack copied the image to a production environment, they’d have no idea that something was wrong. Imagine if I had access to hundreds or thousands of images. The amount of damage would be significant.
The answer is governance. More precisely, it’s about setting up a process that ensures access to sensitive images is properly managed and audited. This suggests that virtual images, and virtualization itself, could benefit from some of the traditional identity management best practices. So let’s examine the specific issues that would have to be addressed.
First, a virtual image needs to be given an identity. It’s not sufficient to think of an image as a simple resource. Images end up running on virtual hosts, consume host resources, and run applications. Hence images require an identity that can be tracked. We have to track not only the user tinkering with the image, but the image itself, because it will run on a virtual host. And while we’re at it, we have to track the virtual host too. But we already knew that governance must be comprehensive.
Now that we have tagged an image with an identity, we can apply traditional identity management processes to virtualization. With the focus on the administrator, we can:
- Administer specific images
- Establish role-based administrative access
- Delegate administrative access
- Enforce administrative SoD
- Approve administrative change requests
- Audit administrative actions
- Generate compliance reports and perform attestation
- Remediate excessive administrative rights
Additionally, we can begin to express policies that govern the rights an image has on a virtual host at run time. Specifically, we can:
- Restrict an image to run on a specific host
- Prevent an image from executing specific applications or leveraging specific host resources
- Capture and correlate events generated by the image
- Generate reports on run-time behavior
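To make the two lists above concrete, here is a small added example (hypothetical code written for this page, not CA's or SiteMinder's) of what "giving an image an identity" and then governing it might look like. The identity is derived from the image content with SHA-256, which also addresses the tampering scenario at the top of the post: a modified copy no longer matches the registered identity, so the integrity check fails before the host-restriction policy is even consulted. The image bytes, host names, role names and application names are all constructed stand-ins.

```python
"""Added example: content-hash identities for virtual images plus a small
policy evaluator and audit trail. Hypothetical code, not CA's or SiteMinder's."""
import hashlib
from collections import Counter
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed stand-ins for image files; real images would be hashed from disk.
CLEAN_IMAGE = b"fake-disk-image v1: app=ledger, data=accounts\n"
TAMPERED_IMAGE = CLEAN_IMAGE + b"planted-payload\n"  # same image, one extra line


def image_identity(image_bytes: bytes) -> str:
    """Identity derived from content (SHA-256), so a modified copy of the
    image gets a different identity instead of inheriting the original's."""
    return "img-" + hashlib.sha256(image_bytes).hexdigest()[:16]


@dataclass
class ImagePolicy:
    allowed_hosts: frozenset   # hosts the image may run on
    denied_apps: frozenset     # applications it may not launch
    admin_roles: frozenset     # administrative roles permitted to modify it


@dataclass
class Registry:
    """Tracks image identities, their policies and an audit trail."""
    policies: dict = field(default_factory=dict)   # identity -> ImagePolicy
    audit: list = field(default_factory=list)

    def _log(self, action: str, outcome: str, **fields) -> None:
        event = {"ts": datetime.now(timezone.utc).isoformat(),
                 "action": action, "outcome": outcome, **fields}
        self.audit.append(event)

    def register(self, image_bytes: bytes, policy: ImagePolicy, actor: str) -> str:
        ident = image_identity(image_bytes)
        self.policies[ident] = policy
        self._log("register", "allow", image=ident, actor=actor)
        return ident

    def authorize_modify(self, ident: str, actor: str, roles: set) -> bool:
        """Role-based administrative access to one specific image."""
        policy = self.policies.get(ident)
        ok = policy is not None and bool(policy.admin_roles & roles)
        self._log("modify", "allow" if ok else "deny", image=ident, actor=actor)
        return ok

    def authorize_run(self, image_bytes: bytes, claimed: str, host: str) -> tuple:
        """Run-time placement check: integrity first, then the host restriction."""
        actual = image_identity(image_bytes)
        if actual != claimed:
            reason = "integrity"      # bytes no longer match the registered image
        elif claimed not in self.policies:
            reason = "unregistered"
        elif host not in self.policies[claimed].allowed_hosts:
            reason = "host"
        else:
            reason = "ok"
        self._log("run", "allow" if reason == "ok" else "deny",
                  image=claimed, host=host, reason=reason)
        return reason == "ok", reason

    def authorize_exec(self, ident: str, host: str, app: str) -> bool:
        """Prevent the image from launching applications its policy denies."""
        policy = self.policies.get(ident)
        ok = policy is not None and app not in policy.denied_apps
        self._log("exec", "allow" if ok else "deny", image=ident, host=host, app=app)
        return ok

    def report(self) -> dict:
        """Compliance-style summary of the audit trail: (action, outcome) -> count."""
        return dict(Counter((e["action"], e["outcome"]) for e in self.audit))


def demo() -> dict:
    """Walk one image through registration, admin access, placement and execution."""
    reg = Registry()
    policy = ImagePolicy(allowed_hosts=frozenset({"vh-prod-01"}),
                         denied_apps=frozenset({"nc", "tftp"}),
                         admin_roles=frozenset({"image-admin"}))
    ident = reg.register(CLEAN_IMAGE, policy, actor="alice")
    return {
        "admin_ok": reg.authorize_modify(ident, "alice", {"image-admin"}),
        "admin_denied": reg.authorize_modify(ident, "contractor", {"viewer"}),
        "run_ok": reg.authorize_run(CLEAN_IMAGE, ident, "vh-prod-01"),
        "run_tampered": reg.authorize_run(TAMPERED_IMAGE, ident, "vh-prod-01"),
        "run_wrong_host": reg.authorize_run(CLEAN_IMAGE, ident, "vh-dev-07"),
        "exec_denied": reg.authorize_exec(ident, "vh-prod-01", "nc"),
        "exec_ok": reg.authorize_exec(ident, "vh-prod-01", "httpd"),
        "report": reg.report(),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The audit list is the raw material for the "capture and correlate events" and "generate reports" items: every decision, allowed or denied, is recorded against the image identity and host, so a denied placement of a tampered copy shows up in the same trail as the administrative change that produced it.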
This list of capabilities looks a lot like traditional identity lifecycle management being used to mitigate risk and address compliance requirements, doesn’t it? With the use of virtualization on the rise, the need for IAM systems to manage virtualization will emerge.
And while IAM for virtualization will work for a few virtual images, the only way to scale is for virtualization management systems to integrate with IAM systems. Such integration will facilitate end-to-end virtualization governance and drive additional value for organizations that have already adopted IAM processes.

