Identity, Credential, and Access Management (ICAM) in Cloud Computing

Instructor: Gary Manns

Gary has taught graduate and undergraduate courses in IT and has a master's degree in Information Assurance and Security.

This lesson will teach concepts associated with authentication when dealing with cloud computing. Definitions of identity, credentials, and access management will be provided, as they relate to cloud computing.

Cloud Computing

The manner in which service providers store data and allow access to that data has changed in recent years. Gone are the days in which applications are written to access data that gets stored locally. Service providers such as Microsoft and Oracle are designing enterprise solutions (software) that are dependent upon their own data centers, so that companies don't need to worry about hosting the software themselves or storing the data in their own on-premises server rooms. This concept is known as cloud computing. When integrating with these cloud computing solutions, enterprises can face challenges on how to authenticate and manage their users properly.


Identity, Credential, and Access Management (ICAM) provides enterprises with concepts used for the purpose of managing digital identities, credentials, and access to systems and applications. This is of particular use when integrating with cloud computing service providers. Figure 1 explains how the three concepts work together to provide authentication to a system or application:

Figure 1: ICAM Cycle
ICAM Cycle


Every user of a computer system or application has a unique identity. That identity acts as an entity that consists of attributes. These attributes have many different types of formats such as name, address, gender, or manager. The number of attributes will vary based upon an enterprise. These identities map back to an entity that is a unique person. Figure 2 depicts how these three concepts intertwine:

Figure 2: Identity Correlation
Identity Correlation

When working with identity in a cloud computing environment, an enterprise must work with a cloud computing service provider to determine which attributes are important for the purpose of authenticating the user, enabling them to access the cloud computing environment. This can be achieved by extending an enterprise's identity to the cloud computing service provider using directory services. By extending and using the pre-existing identities, this removes the need of having to manage multiple identities.


When a system requires authentication, a user must provide something they know (like a password), something they have (like a randomly generated key from a two-factor authentication device), or something they are (like biometric scans such as a fingerprint, face, or eye scans) to prove their identity. This is commonly known as a credential. In cloud computing, this is almost always in the form of a password and/or two-factor authentication. Credential Management allows an enterprise to link an identity to a credential and present it as proof that the person who is attempting to access the cloud computing resource is really who they claim to be.

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account