cloudstack-marketing mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "kelcey@backbonetechnology.com" <kel...@backbonetechnology.com>
Subject Re: Advice Regarding Presentation Proposal
Date Thu, 09 May 2013 13:44:04 GMT
I would sit in on this one for sure... As long as we don't get competing slots ;).

It sounds great, and well detailed. My proposal is only a paragraph. Starting to think I should
add more detail... Look what you've done! Set the bar too high!

Sent from my HTC

----- Reply message -----
From: "John Burwell" <jburwell@basho.com>
To: <marketing@cloudstack.apache.org>
Subject: Advice Regarding Presentation Proposal
Date: Thu, May 9, 2013 4:14 AM

Hello,

I am seeking advice regarding the quality and relevance (and any other tips for success) of
the following presentation proposal for the upcoming CloudStack Collab conference: 

Title: Who the frak are you? Integrated CloudStack Authentication 
John Burwell

Abstract
========

As cloud providers and enterprises more deeply integrate CloudStack services, federation of
authentication services becomes a critical operational requirement.  While LDAP integration
allows CloudStack to securely leverage shared authentication credentials, it does not address
session management, goverance, account management, or advanced requirements such as multi-factor
authentication.  This talk will survey the available single sign-on (SSO) protocols and standards
and implementations.  It will also propose an architectural design for integrating SSO providers
into CloudStack that will not impact smaller, simplier deployment models.

Description
===========

Following a brief introduction to the single sign-on (SSO) authenication model , the talk
will explore the following benefits of integrating CloudStack with one or more SSO infrastructures:

* Integration with end-user services (e.g. PaaS platforms and object stores)
* Support for advanced authentication capabilities (e.g.  multi-factor authentication and
Kerberos)
* Allow CloudStack implementations to leverage existing enterprise authentication infrastructures
* Centralization of security policy and goverance -- reducing operational overhead for regulated
organizations

We will then survey the available authentication protocols (e.g. OAuth2, SASL, Keystone, OpenID,
etc), and their implementations (e.g. CAS, JOSSO, etc.) and their suitability to realize these
benefits for CloudStack.  Finally, a candidate architecture will be presented supporting the
current authentication model, as well as, SSO integration for more complex authentication
infrastructures. This architecture employs Shiro security framework [1] and Spring to realize
a cross layer security model with drivers for the current authentication system, as well as,
an initial SSO integration.

[1] http://shiro.apache.org

Bio
===

John is a Consulting Engineer at Basho Technologies -- makers of the open source Riak distributed
key value database and Riak CS object store.  He is also a committer to the Apache CloudStack
focused on storage architecture and security integration.  His first CloudStack contribution,
S3-backed Secondary Storage, will be included in the upcoming 4.1.0 release.  An incurable
chocoholic, John has spent the last 15 years designing and building distributed systems to
solve physical security, cloud provisioning, and supply chain problems.

Thank you for your assistance,
-John
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message