Dynamic Policy for Access Control

Who can do what? In OpenStack, it is the Policy engine that controls these decisions. A secure deployment means moving beyond the default policy provided with the base distribution. But how do you write policy
rules that reflect your security decisions? This presentation, Adam Young, a core Keystone developer from the Red Hat Identity Management team, explain the access control policy mechanism from start to finish: How Keystone separate authentication from authorization, why the default policy file is so simplistic, how to build policies that reflect your
organization, and the capabilites and limitation of policy enforcement. We'll conclude with a view of the future of policy management in OpenStack.

Speakers

Adam Young

Cloud Solutions Architect, Red Hat

After a long career as a software developer, Adam Decided it was time to talk to people actually running the software he wrote, and became a Solutions Architect. He is a long time core developer on Keystone, the authentication and authorization service for OpenStack. Adam has worked... Read More →

Monday May 18, 2015 11:15am - 11:55am PDT
Room 211

Cloud Security

OpenStack Summit May 2015 Vancouver

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Adam Young