conference logo

Playlist "openSUSE Conference 2019"

Identity in OpenStack: the Challenge of Multitenancy

Colleen Murphy

Keystone is the OpenStack component responsible for identity management and
user authentication and authorization, which has unique challenges in
cloud-like environments where secure sharing of resources is an essential
requirement and yet is fundamental to the core idea of collaborative
computing. This introductory talk will give an overview of the keystone
project, including:

* The many ways users and applications can securely authenticate with
keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos
* The implications for authorization in a multitenant environment and how
role-based access control is designed in keystone
* How keystone relates to projects outside of the OpenStack ecosystem such as
Kubernetes

Keystone is the OpenStack component responsible for identity management and
user authentication and authorization, which has unique challenges in
cloud-like environments where secure sharing of resources is an essential
requirement and yet is fundamental to the core idea of collaborative
computing. This introductory talk will give an overview of the keystone
project, including:

* The many ways users and applications can securely authenticate with
keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos
* The implications for authorization in a multitenant environment and how
role-based access control is designed in keystone
* How keystone relates to projects outside of the OpenStack ecosystem such as
Kubernetes