cloudstack-marketing mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Giles Sirett <>
Subject RE: Advice Regarding Presentation Proposal
Date Thu, 09 May 2013 13:49:05 GMT
+1 John, make sure you don’t submit that, its far too good & detailed and they'll end
up offering you ALL of the other slots, you're just going to cause an escalation of submission
quality :-)

Seriously, I think it looks interesting and about the right level for the audience

Kind Regards

D: +44 20 3603 0541 | M: +44 796 111 2055

-----Original Message-----
From: []
Sent: 09 May 2013 14:44
Subject: Re: Advice Regarding Presentation Proposal

I would sit in on this one for sure... As long as we don't get competing slots ;).

It sounds great, and well detailed. My proposal is only a paragraph. Starting to think I should
add more detail... Look what you've done! Set the bar too high!

Sent from my HTC

----- Reply message -----
From: "John Burwell" <>
To: <>
Subject: Advice Regarding Presentation Proposal
Date: Thu, May 9, 2013 4:14 AM


I am seeking advice regarding the quality and relevance (and any other tips for success) of
the following presentation proposal for the upcoming CloudStack Collab conference:

Title: Who the frak are you? Integrated CloudStack Authentication John Burwell


As cloud providers and enterprises more deeply integrate CloudStack services, federation of
authentication services becomes a critical operational requirement.  While LDAP integration
allows CloudStack to securely leverage shared authentication credentials, it does not address
session management, goverance, account management, or advanced requirements such as multi-factor
authentication.  This talk will survey the available single sign-on (SSO) protocols and standards
and implementations.  It will also propose an architectural design for integrating SSO providers
into CloudStack that will not impact smaller, simplier deployment models.


Following a brief introduction to the single sign-on (SSO) authenication model , the talk
will explore the following benefits of integrating CloudStack with one or more SSO infrastructures:

* Integration with end-user services (e.g. PaaS platforms and object stores)
* Support for advanced authentication capabilities (e.g.  multi-factor authentication and
* Allow CloudStack implementations to leverage existing enterprise authentication infrastructures
* Centralization of security policy and goverance -- reducing operational overhead for regulated

We will then survey the available authentication protocols (e.g. OAuth2, SASL, Keystone, OpenID,
etc), and their implementations (e.g. CAS, JOSSO, etc.) and their suitability to realize these
benefits for CloudStack.  Finally, a candidate architecture will be presented supporting the
current authentication model, as well as, SSO integration for more complex authentication
infrastructures. This architecture employs Shiro security framework [1] and Spring to realize
a cross layer security model with drivers for the current authentication system, as well as,
an initial SSO integration.



John is a Consulting Engineer at Basho Technologies -- makers of the open source Riak distributed
key value database and Riak CS object store.  He is also a committer to the Apache CloudStack
focused on storage architecture and security integration.  His first CloudStack contribution,
S3-backed Secondary Storage, will be included in the upcoming 4.1.0 release.  An incurable
chocoholic, John has spent the last 15 years designing and building distributed systems to
solve physical security, cloud provisioning, and supply chain problems.

Thank you for your assistance,
This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue
is a registered trademark.
View raw message