[Openstack] How to implement: Role based access control using XACML and SAML over rest for cloud

Ageeleshwar Kandavelu Ageeleshwar.Kandavelu at csscorp.com
Fri May 9 12:00:32 UTC 2014


Hi,
Your first hop is keystone project. It is the openstack identity management system. Try to get a picture of how the various other parts of openstack interact with keystone for providing their service.

Second you should look into policy.json file. There is a policy.json for every service under /etc/<service_name>. I have not used this so far and can not offer any more information. Hope other openstack developers throw up some.

Thank you,
Ageeleshwar K
________________________________
From: Priya Sharma [priya_sharma at persistent.co.in]
Sent: Friday, May 09, 2014 4:55 PM
To: 'dev at cloudstack.apache.org'; 'users at cloudstack.apache.org'; openstack at lists.openstack.org
Subject: [Openstack] How to implement: Role based access control using XACML and SAML over rest for cloud

Hi All,

I am pursuing MTech and my MTech project is “Role based access control using XACML and SAML over rest for cloud”.
I am familiar with Technologies/platform

·         Role based access control

·         XACML

·         SAML

·         Linux environment

But not aware how all this work in cloud. My aim is to implement the role based access control for cloud ,my sole purpose is cloud security.
Herein I am attaching the architecture diagram, I initially came up with.
Any suggestion in the architect and how to implement role based access control in cloud ,will be helpful.

Thanks
Priya

DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.

http://www.csscorp.com/common/email-disclaimer.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140509/52cca88e/attachment.html>


More information about the Openstack mailing list