Integration with GuardianKey

Paulo Angelo pa at pauloangelo.com
Sat Mar 30 20:54:28 UTC 2019


Hi all,

We are trying to integrate OpenStack (Horizon or Keystone) with GuardianKey.
However, we have doubts related to the best way to do this and the best
point in the code for this integration.

GuardianKey is a solution to protect systems against authentication
attacks. It uses Machine Learning and analyses the user's behavior, threat
intelligence and psychometrics (or behavioral biometrics). The protected
system (in the concrete case, OpenStack admin interface) must send an event
via REST for the GuardianKey on each login attempt. More info at https://
guardiankey.io .

The best way to integrate would be on having a hook in the procedure that
process the user credentials submission in OpenStack (the script that
receives the POST), something such as:

if(<POST IN AUTH FORM>) {

 boolean loginFailed =  checkLogin();

 GuardianKeyEvent event = createEventForGuardianKey(username,loginFailed);

 boolean GuardianKeyValidation = checkGuardianKeyViaREST(event);

 if(GuardianKeyValidation){

    // Allow access

 } else {

    // Deny access

 }

}

Where is the best place to create this integration? Horizon or Keystone? Is
there a way to create a hook for this purpose? Should we create an
extension?

Any help is welcome.

Thank you in advance.

Best regards,

Paulo Angelo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190330/0db1984e/attachment-0001.html>


More information about the openstack-discuss mailing list