WS-Security is a general-use communications protocol covering security specifications as applied to Web services. It discusses how to ensure confidentiality and integrity across the Web. WS-Security uses SOAP messages to ensure end-to-end security at the application layer.
WS-Federation incorporates the mechanisms and protocols to allow unrelated security domains to securely communicate identity and authentication information. This standard enables separate authentication domains to communicate, creating the foundation for larger realms of trust across ever larger security domains, perhaps global in scope. WS-Federation is a big deal.
WS-Trust is a Web service specification dealing with identity/authentication security tokens. It covers provisioning, de-provisioning, renewing, and validating participating tokens. Used with WS-Federation, WS-Trust allows applications in different security domains to broker trust relationships between entities that might otherwise have a hard time doing so.
Security Token Service (STS) is a Web service that issues security tokens as defined in the WS-Security and WS-Trust specifications. Any authentication provider that issues security tokens can be considered an STS if it conforms to some general principles as described in the specification.
OpenID is a decentralized way to exchange identity/authentication tokens between the provider and consumer of a Web service. It can manage and protect multiple types of authentication, including passwords, digital certificates, and two-factor security tokens. A single user can have multiple OpenID credentials and submit the appropriate one when requested. Supported by many of the world's largest vendors, OpenID is expected to become a de facto Web browser standard in the near future. Microsoft recently announced that its CardSpace implementation (in Windows XP Pro and later) and Windows Live IDs already conform to the OpenID specification.
Putting it all together
Essentially, all these open standard protocols and specifications will allow huge, interconnected identity and authentication systems to be created between multiple, disparate parties. In relation to cloud services, these standards are often the way you will connect to them. Cloud services allow services and servers to be "matrixed" via the Internet. The specifications mentioned above allow the identity and authentication services necessary to connect to cloud services to be "clouded" themselves.