In the online world, identity management is the management of individual customer identities, their authentication, authorization and privileges within or across enterprise boundaries, to ensure security and productivity while decreasing cost and downtime. In one line, IDM is the task of controlling information about users around the world.
In this blog post we'll discuss some well-known open source cloud computing platforms and analyze their identity management schemes and properties. So let's get started:
Eucalyptus: Identity and Access management!
“Elastic Utility Computing Architecture for Linking Your Program to Useful System”, known for short as EUCALYPTUS, is open source private cloud software typically used for building hybrid cloud resources for computing, networking and storage. These private and hybrid cloud resources are highly compatible with Amazon Web Services (AWS) APIs.
The identity management platform is the feature of the Eucalyptus private cloud software that handles the complete management of customer identities and the administration of access controls over resources. It also provides reports based on resource usage for monitoring and managing cloud activities. By default, Eucalyptus collects all identities and their referential policies in the local cloud controller (CLC) database.
OpenStack identity service: keystone!
Keystone is the default identity management system for OpenStack. Keystone consolidates OpenStack's functions for authentication, policy management and managing a catalog of service endpoints for users. The existing Keystone implementation takes a centralized approach: users first need to enroll in its database, either manually or via bulk loading from a corporate database such as LDAP, before they are granted access to any of the services.
OpenNebula: Users and group management!
OpenNebula is a project widely used by organizations as an open and flexible cloud virtualization program on their VMware-based data centers, enabling highly scalable hosting environments. OpenNebula classifies users into 4 categories: administrators (users who belong to the admin group), regular users (who can access most OpenNebula functionality), public users (who may access only public interfaces) and service users (who have an OpenNebula service account). Access to any resource depends heavily on the category a user falls in. Users can share resources by granting access permission to other users in their group or to any other user in the system. Moreover, OpenNebula comes with an internal user/password authentication system, while an external authentication driver can be enabled whenever required.