Token translation using SAML is now quite an established way to allow applications in one security domain to communicate with applications in another security domain, on behalf of a user whole identity does not have to also flow with the data. For more info go to Vordel's government page and then click on "Secure Cross-Domain".
Can a similar architecture be used for SOA-to-Cloud and "inter-cloud" scenarios? The answer is "yes - watch this space...."
Beyond Marking Time
3 hours ago