Boston
May 8-11, 2017

Event Details

Please note: All times listed below are in Central Time Zone


Barbican Workshop: Securing the Cloud (Including Thales nShield HSM)

**Back by Popular demand, It was the most popular workshop at the Barcelona OpenStack Summit.**

Security is at, or near, the top of everyone's list of "stuff that's important," yet the management of security artifacts (such as keys and certificates) has been lacking a cohesive solution.  This is where Barbican comes into the picture.  Barbican provides secure storage and provisioning of secrets, including keys and certificates. 

This workshop provides a tour through the magical world of Barbican, led by core members of the Barbican project.

By the end of the class you will know:

  1. Importance of secret storage
  2. How to store and retrieve secrets with Barbican
  3. How to submit an order with Barbican
  4. How to create a container
  5. How to use quotas
  6. Uses for additional user metadata
  7. Dogtag Certificate System Integration
  8. Thales nShield Hardware Security Module (HSM) Setup
  9. Barbican Dev-Ops Architecture
  10. Use cases for Barbican / Examples
  11. Castellan (Generic Key Management Interface) Use Cases
  12. Barbican's Roadmap

Please note:  session attendance does have a maximum capacity.  All admittance will be on a first come, first served basis.  Thank you for your understanding.   


What can I expect to learn?

Attendees of all skill levels can attend, from Beginner to Expert.

 By the end of the class an atendee will know:

  1. Importance of secret storage
  2. How to store and retrieve secrets with Barbican
  3. How to submit an order with Barbican
  4. How to create a container
  5. How to use quotas
  6. Uses for additional user metadata
  7. Dogtag Certificate System Integration
  8. Thales nShield Hardware Security Module (HSM) Setup
  9. Barbican Dev-Ops Architecture
  10. Use cases for Barbican / Examples
  11. Castellan (Generic Key Management Interface) Use Cases
  12. Barbican's Roadmap

Attendees are not expected to have any previous experience with Barbican.  A basic understanding of security components (such as keys and certificates) and a basic understanding of REST is helpful, but not required.

Tuesday, May 9, 4:40pm-6:10pm (8:40pm - 10:10pm UTC)
Difficulty Level: Beginner
IBM
Fernando Diaz is an active OpenStack Core Contributor, focusing on Barbican Development. Born and raised in Miami, Florida, Fernando recieved his B.ASc. in Computer Science at Florida International University. Fernando is currently a Cloud Developer for IBM and works on Key Protect, IBM's Key Management Solution. Currently resides in Austin, Texas. He helps keep Austin weird. FULL PROFILE
Cisco Systems
Dave McCowan leads security initiatives for the Private Cloud Engineering Team at Cisco.  He has been an OpenStack contributor for 6 years.  He is a former PTL for the Barbican project where he continues as a core reviewer.  He's an enthusiast of security of all kinds and holds a CISSP. FULL PROFILE
Senior Software Engineer
Douglas is the current PTL for the Key Management (Barbican) project.  Before being involved in OpenStack, Douglas was a software development consultant specializing in secure development of mobile and web applications.   FULL PROFILE
Johns Hopkins University Applied Physics Lab
Kaitlin Farr is a Software Engineer at the Johns Hopkins University Applied Physics Laboratory (JHU/APL). She has been contributing upstream to security-related features for OpenStack since 2013.  She is on the core team for the key manager project Barbican and the main contributor to Castellan, the key manager interface library. Kaitlin received her M.S. in Computer Science from the... FULL PROFILE
Red Hat
Ade works for Red Hat, and has been involved in various security and OpenStack projects (Dogtag, FreeIPA, Barbican, TripleO) for several years.  He is a former Barbican PTL.  Most recently, he's been working on FIPS compliance in OpenStack. FULL PROFILE