Hi, Your first hop is keystone project. It is the openstack identity management system. Try to get a picture of how the various other parts of openstack interact with keystone for providing their service.
Second you should look into policy.json file. There is a policy.json for every service under /etc/<service_name>. I have not used this so far and can not offer any more information. Hope other openstack developers throw up some. Thank you, Ageeleshwar K ________________________________ From: Priya Sharma [priya_sha...@persistent.co.in] Sent: Friday, May 09, 2014 4:55 PM To: 'd...@cloudstack.apache.org'; 'us...@cloudstack.apache.org'; openstack@lists.openstack.org Subject: [Openstack] How to implement: Role based access control using XACML and SAML over rest for cloud Hi All, I am pursuing MTech and my MTech project is “Role based access control using XACML and SAML over rest for cloud”. I am familiar with Technologies/platform · Role based access control · XACML · SAML · Linux environment But not aware how all this work in cloud. My aim is to implement the role based access control for cloud ,my sole purpose is cloud security. Herein I am attaching the architecture diagram, I initially came up with. Any suggestion in the architect and how to implement role based access control in cloud ,will be helpful. Thanks Priya DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails. http://www.csscorp.com/common/email-disclaimer.php
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
