As more enterprises are enticed to move data to a cloud environment to enhance data sharing and reduce
operating costs by exploiting shared resources, concerns have risen over the ability to secure information
within the cloud. This paper examines how a traditional Identity and Access Control (IDAM) architecture can
be adapted to address security concerns of a cloud environment. We propose changing the paradigm of
IDAM form a pure trust model to a risk based model will enable information to be protected securely in a cloud
environment without impacting efficiencies of cloud environments.