Videos provided by OpenStack Summit via OpenStack Foundation YouTube Channel
This presentation will cover architectural and procedural security concepts within KeyStone, specifically Trusts or Delgations, AMQP Security with KeyStone and integration with a Corporate LDAP for single source of truth.
Given the distributed nature of OpenStack KeyStone plays a major role in binding all of the Projects together but not much is mentioned about how to do this with KeyStone or what the pitfalls and dangers of hooking up a centralized Security System to the rest of the cloud will be. Not only do you have to be wary of the services that connect to KeyStone but you also have to be cautious of the kinds of input and data you give to KeyStone from external sources.
The security and protection of the Identity and Token repository for OpenStack or other services needs to be the most protected component within your Cloud Infrastructure.