OpenStack Keystone

Identity Project Update


Dolph Mathews
PTL
Overview

●   What is Keystone?
●   Grizzly
●   Havana
●   Questions
What is Keystone?

●   Interface to Identity Management
●   Authentication
    ○   Client authentication: username + password
    ○   Request authentication: token
●   Limited authorization
    ○   Centrally managed role assignments
    ○   Decentralized policy enforcement
●   Service Discovery
Grizzly

●   Signed Tokens
●   Identity API v3
●   Domains
●   User groups
●   Trusts
●   Policies
●   External authentication methods
●   Pluggable authentication driver
Havana

●   External authentication
    ○   OAuth 1.0a
    ○   X.509
●   Client support
    ○   Middleware: auth_token
    ○   Command line: openstackclient
    ○   Web UI: Horizon
●   Event notifications
●   Availability zones and region management
Havana

●   Key management
●   LDAP integration
●   Centralized quotas
●   Secure endpoint-endpoint communication
●   Fine-grained access control
OpenStack Keystone

Questions?


Dolph Mathews
PTL

