+1 John, make sure you don’t submit that, its far too good & detailed and they'll end up offering you ALL of the other slots, you're just going to cause an escalation of submission quality :-)
Seriously, I think it looks interesting and about the right level for the audience Kind Regards Giles D: +44 20 3603 0541 | M: +44 796 111 2055 giles.sir...@shapeblue.com -----Original Message----- From: kel...@backbonetechnology.com [mailto:kel...@backbonetechnology.com] Sent: 09 May 2013 14:44 To: marketing@cloudstack.apache.org Subject: Re: Advice Regarding Presentation Proposal I would sit in on this one for sure... As long as we don't get competing slots ;). It sounds great, and well detailed. My proposal is only a paragraph. Starting to think I should add more detail... Look what you've done! Set the bar too high! Sent from my HTC ----- Reply message ----- From: "John Burwell" <jburw...@basho.com> To: <marketing@cloudstack.apache.org> Subject: Advice Regarding Presentation Proposal Date: Thu, May 9, 2013 4:14 AM Hello, I am seeking advice regarding the quality and relevance (and any other tips for success) of the following presentation proposal for the upcoming CloudStack Collab conference: Title: Who the frak are you? Integrated CloudStack Authentication John Burwell Abstract ======== As cloud providers and enterprises more deeply integrate CloudStack services, federation of authentication services becomes a critical operational requirement. While LDAP integration allows CloudStack to securely leverage shared authentication credentials, it does not address session management, goverance, account management, or advanced requirements such as multi-factor authentication. This talk will survey the available single sign-on (SSO) protocols and standards and implementations. It will also propose an architectural design for integrating SSO providers into CloudStack that will not impact smaller, simplier deployment models. Description =========== Following a brief introduction to the single sign-on (SSO) authenication model , the talk will explore the following benefits of integrating CloudStack with one or more SSO infrastructures: * Integration with end-user services (e.g. PaaS platforms and object stores) * Support for advanced authentication capabilities (e.g. multi-factor authentication and Kerberos) * Allow CloudStack implementations to leverage existing enterprise authentication infrastructures * Centralization of security policy and goverance -- reducing operational overhead for regulated organizations We will then survey the available authentication protocols (e.g. OAuth2, SASL, Keystone, OpenID, etc), and their implementations (e.g. CAS, JOSSO, etc.) and their suitability to realize these benefits for CloudStack. Finally, a candidate architecture will be presented supporting the current authentication model, as well as, SSO integration for more complex authentication infrastructures. This architecture employs Shiro security framework [1] and Spring to realize a cross layer security model with drivers for the current authentication system, as well as, an initial SSO integration. [1] http://shiro.apache.org Bio === John is a Consulting Engineer at Basho Technologies -- makers of the open source Riak distributed key value database and Riak CS object store. He is also a committer to the Apache CloudStack focused on storage architecture and security integration. His first CloudStack contribution, S3-backed Secondary Storage, will be included in the upcoming 4.1.0 release. An incurable chocoholic, John has spent the last 15 years designing and building distributed systems to solve physical security, cloud provisioning, and supply chain problems. Thank you for your assistance, -John This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
