{"guid":"-CVvXbWXJE9qM7F5NaSGGQ","title":"Identity in OpenStack: the Challenge of Multitenancy","subtitle":null,"slug":"2525-identity-in-openstack-the-challenge-of-multitenancy","link":"https://c3voc.de","description":"Keystone is the OpenStack component responsible for identity management and\nuser authentication and authorization, which has unique challenges in\ncloud-like environments where secure sharing of resources is an essential\nrequirement and yet is fundamental to the core idea of collaborative\ncomputing. This introductory talk will give an overview of the keystone\nproject, including:\n\n* The many ways users and applications can securely authenticate with\n  keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos\n* The implications for authorization in a multitenant environment and how\n  role-based access control is designed in keystone\n* How keystone relates to projects outside of the OpenStack ecosystem such as\n  Kubernetes\n\nKeystone is the OpenStack component responsible for identity management and\nuser authentication and authorization, which has unique challenges in\ncloud-like environments where secure sharing of resources is an essential\nrequirement and yet is fundamental to the core idea of collaborative\ncomputing. This introductory talk will give an overview of the keystone\nproject, including:\n\n* The many ways users and applications can securely authenticate with\n  keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos\n* The implications for authorization in a multitenant environment and how\n  role-based access control is designed in keystone\n* How keystone relates to projects outside of the OpenStack ecosystem such as\n  Kubernetes","original_language":"eng","persons":["Colleen Murphy"],"view_count":79,"promoted":false,"date":"2019-05-26T00:00:00.000+02:00","release_date":"2019-05-26T02:00:00.000+02:00","updated_at":"2025-10-21T17:15:06.690+02:00","tags":["osc19","2525","Cloud and Containers"],"length":1585,"duration":1585,"thumb_url":"https://static.media.ccc.de/media/events/osc/2019/2525-hd.jpg","poster_url":"https://static.media.ccc.de/media/events/osc/2019/2525-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/osc/2019/2525-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/osc/2019/2525-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/2525-identity-in-openstack-the-challenge-of-multitenancy","url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_title":"openSUSE Conference 2019","conference_url":"https://api.media.ccc.de/public/conferences/osc19","related":[{"event_id":1252,"event_guid":"import-0aafe9aa6896dd1f8b","weight":2},{"event_id":2134,"event_guid":"1__cd06WAoENTm6JjzMJVA","weight":1},{"event_id":3615,"event_guid":"74783236-46f4-493c-9574-1b27a44847b7","weight":1},{"event_id":4126,"event_guid":"ded4a05f-156c-558b-99e8-21170c7a96f6","weight":1},{"event_id":6120,"event_guid":"6f3f49b6-2f08-50ff-a45c-aa728047dd5e","weight":2},{"event_id":6121,"event_guid":"4e876909-16b1-5520-82a8-07f257a20faf","weight":3},{"event_id":6324,"event_guid":"c5b84ee4-7143-46f6-a76f-013b00eded6e","weight":1},{"event_id":6474,"event_guid":"f58a2b6d-bde0-483b-a8db-043ea9371cb6","weight":1},{"event_id":6603,"event_guid":"ea00d1e0-a580-415f-a8cf-f02883d939dc","weight":1},{"event_id":6971,"event_guid":"78d97d77-0eda-54df-8f51-192fdf4e5cd4","weight":1},{"event_id":7049,"event_guid":"12604a94-71d9-11e9-83b2-273cc25ecd6f","weight":1},{"event_id":7050,"event_guid":"456fb60c-5ce7-11e8-be47-1fb2912eb899","weight":4},{"event_id":7051,"event_guid":"bdf6c301-d6d9-5dde-b159-881c217f1e66","weight":2},{"event_id":7058,"event_guid":"6Vz-zO0BBM9WondOan6bJw","weight":2},{"event_id":7087,"event_guid":"OB5O-mYv6r9yEGLa77x8nw","weight":2},{"event_id":7091,"event_guid":"Fr3C_NhVihzg-YFJoESUxw","weight":1},{"event_id":7093,"event_guid":"dVYz0GFKsKPfIUQDmTJmqQ","weight":2},{"event_id":7110,"event_guid":"3e7f1444-b72c-594f-b033-d96b21c1961c","weight":2}],"recordings":[{"size":53,"length":1585,"mime_type":"video/mp4","language":"eng","filename":"osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2019-05-26T15:44:46.285+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/h264-hd/osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_hd.mp4","url":"https://api.media.ccc.de/public/recordings/35580","event_url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":18,"length":1585,"mime_type":"audio/opus","language":"eng","filename":"osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2019-05-26T15:47:04.029+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/opus/osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_opus.opus","url":"https://api.media.ccc.de/public/recordings/35585","event_url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":24,"length":1585,"mime_type":"audio/mpeg","language":"eng","filename":"osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2019-05-26T15:47:34.827+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/mp3/osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/35586","event_url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":33,"length":1585,"mime_type":"video/mp4","language":"eng","filename":"osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2019-05-26T15:49:04.956+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/h264-sd/osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_sd.mp4","url":"https://api.media.ccc.de/public/recordings/35587","event_url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":40,"length":1585,"mime_type":"video/webm","language":"eng","filename":"osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2019-05-26T15:53:35.086+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/webm-sd/osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/35589","event_url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"},{"size":86,"length":1585,"mime_type":"video/webm","language":"eng","filename":"osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2019-05-26T16:03:06.118+02:00","recording_url":"https://cdn.media.ccc.de/events/osc/2019/webm-hd/osc19-2525-eng-Identity_in_OpenStack_the_Challenge_of_Multitenancy_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/35592","event_url":"https://api.media.ccc.de/public/events/-CVvXbWXJE9qM7F5NaSGGQ","conference_url":"https://api.media.ccc.de/public/conferences/osc19"}]}