ApacheCon Seville 2016 – Next Generation Directory-Based User Management for Cloud Infrastructure – Shawn McKinney & Katarína Valaliková

The IETF standard RFC 2307 has long been a best practice for storing the security policies of Unix machines across TCP/IP networks. It has a common data format so that a uniform security policy can be applied across every node in the network. The problem is keeping the security policy current. There needs to be a mediator that automatically keeps events in sync. Access must be granted without delay when new machines pop up and, most importantly, removed when no longer needed. At the same time, rigid policies must be maintained about who can access a machine, when, and for what purpose, or for that matter, who can grant that access and under what conditions. Everything must also be backed up by a centralized audit trail. Here we'll present an approach for doing this using some open source software. There is a demo based on a hypothetical case study.
