OpenStack Summit May 2014 Atlanta

One of the highly-sung benefits to choosing an OpenStack provider is the promise of portability. Users want to be confident that the tools they are using and the status events they anticipate are interoperable across all OpenStack providers. So if one cloud service provider is deemed better than another for a certain type of workload, it can be moved without change to the clients, the monitoring, or even the user interface. This uniformity creates the look & feel of a cloud of clouds.
For large enterprises, the more control they have over the authentication and authorization functions across multiple vendors and systems, the more access governance and auditing they can do. When an employee leaves a company, it could be detrimental to inadvertently leave their access intact. When a new employee is hired, they shouldn't have to climb over the hurdles of red tape-laden processes in order to access the critical systems they need to do their job. In Icehouse, thanks in large part to CERN, IBM, Rackspace, RedHat, and the University of Kent, identity federation took a foothold. Now, companies can resume control of the authentication process prior to enabling access to an OpenStack cloud.
However, identity federation is only 1/2 of the equation. To access the portability benefits that a cloud of clouds offers, companies need to be able to specify which OpenStack clouds to trust and which ones not to trust. This session will hone in on service provider federation and explain how enterprises can identify trust-based relationships to implement federation solutions.