Identity in OpenStack: the Challenge of Multitenancy

Cite

openSUSE

Murphy, Colleen

Formal Metadata

Title

Identity in OpenStack: the Challenge of Multitenancy

Title of Series

openSUSE Conference 2019

Number of Parts

Author

Murphy, Colleen

Contributors

Chaos Computer Club e.V.

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/54406 (DOI)

Publisher

openSUSE

Release Date

2019

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Keystone is the OpenStack component responsible for identity management and user authentication and authorization, which has unique challenges in cloud-like environments where secure sharing of resources is an essential requirement and yet is fundamental to the core idea of collaborative computing. This introductory talk will give an overview of the keystone project, including: * The many ways users and applications can securely authenticate with keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos, * The implications for authorization in a multitenant environment and how role-based access control is designed in keystone, * How keystone relates to projects outside of the OpenStack ecosystem such as Kubernetes