The Must-Attend

Open Infrastructure Event

The world runs on open infrastructure. At the OpenStack Summit, you’ll learn about the mix of open technologies building the modern infrastructure stack, including OpenStack, Kubernetes, Docker, Ansible, Ceph, OVS, OpenContrail, OPNFV, and more. Whether you are pursuing a private, public or multi-cloud approach, the OpenStack Summit is the place to network, skill up and plan your cloud strategy.

Boston, MA
May 8-11, 2017

The Must-Attend

Open Infrastructure Event

Join the movement behind the most widely deployed open source cloud platform. Whether you are pursuing a private, hybrid or multi-cloud approach, the OpenStack Summit is the place to network, skill up and plan your cloud strategy.

Boston, MA
May 8-11, 2017

Event Details


Barbican Workshop: Securing the Cloud (Including Thales nShield HSM)

**Back by Popular demand, It was the most popular workshop at the Barcelona OpenStack Summit.**

Security is at, or near, the top of everyone's list of "stuff that's important," yet the management of security artifacts (such as keys and certificates) has been lacking a cohesive solution.  This is where Barbican comes into the picture.  Barbican provides secure storage and provisioning of secrets, including keys and certificates. 

This workshop provides a tour through the magical world of Barbican, led by core members of the Barbican project.

By the end of the class you will know:

  1. Importance of secret storage
  2. How to store and retrieve secrets with Barbican
  3. How to submit an order with Barbican
  4. How to create a container
  5. How to use quotas
  6. Uses for additional user metadata
  7. Dogtag Certificate System Integration
  8. Thales nShield Hardware Security Module (HSM) Setup
  9. Barbican Dev-Ops Architecture
  10. Use cases for Barbican / Examples
  11. Castellan (Generic Key Management Interface) Use Cases
  12. Barbican's Roadmap

Please note:  session attendance does have a maximum capacity.  All admittance will be on a first come, first served basis.  Thank you for your understanding.   


What can I expect to learn?

Attendees of all skill levels can attend, from Beginner to Expert.

 By the end of the class an atendee will know:

  1. Importance of secret storage
  2. How to store and retrieve secrets with Barbican
  3. How to submit an order with Barbican
  4. How to create a container
  5. How to use quotas
  6. Uses for additional user metadata
  7. Dogtag Certificate System Integration
  8. Thales nShield Hardware Security Module (HSM) Setup
  9. Barbican Dev-Ops Architecture
  10. Use cases for Barbican / Examples
  11. Castellan (Generic Key Management Interface) Use Cases
  12. Barbican's Roadmap

Attendees are not expected to have any previous experience with Barbican.  A basic understanding of security components (such as keys and certificates) and a basic understanding of REST is helpful, but not required.

Tuesday, May 9, 4:40pm-6:10pm
Level: Beginner
Fernando Diaz  Moderator
IBM
Fernando Diaz is an active OpenStack Core Contributor, focusing on Barbican Development. Born and raised in Miami, Florida, Fernando recieved his B.ASc. in Computer Science at Florida International University. Fernando is currently a Cloud Developer for IBM and works on Key Protect, IBM's Key Management Solution. Currently resides in Austin, Texas. He helps keep Austin weird. FULL PROFILE
Cisco Systems
Dave McCowan leads security initiatives for the Cloud Solutions Group at Cisco. He is PTL for the Barbican project and an active contributor to the Security and Kolla projects.   FULL PROFILE
Rackspace
Douglas is a Racker, and former PTL for the Key Management (Barbican) project.  Before being involved in OpenStack, Douglas was a software development consultant specializing in secure development of mobile and web applications.  Douglas also helps organize the Alamo City Python Users Group in his home town of San Antonio, Texas. FULL PROFILE
Johns Hopkins University Applied Physics Lab
Kaitlin Farr is a Software Engineer at the Johns Hopkins University Applied Physics Laboratory (JHU/APL). She has been contributing upstream to security-related features for OpenStack since 2013.  She is on the core team for the key manager project Barbican and the main contributor to Castellan, the key manager interface library. Kaitlin received her M.S. in Computer Science from the... FULL PROFILE
Red Hat
Ade works for Red Hat, and has been involved in Dogtag development (and its integration into FreeIPA) for a number of years now. He has worked to integrate Dogtag and FreeIPA with Openstack, and is a core contributor to the Barbican project. Most recently, he has worked on puppet modules to deploy Barbican in Triple-O and RDO. FULL PROFILE