Difference between revisions of "Keystone-Essex-BP-AuthZ"
Line 1: | Line 1: | ||
__NOTOC__ | __NOTOC__ | ||
+ | '''Goals:''' | ||
+ | |||
+ | * Support a capability model by allowing services identify capabilities by endpoint | ||
+ | * Map capabilities to role, allowing a role to span multiple endpoints & services | ||
+ | * Map users and groups to roles | ||
+ | |||
[[Image:Keystone-Essex-BP-AuthZ$ProposedKeystoneAuthZStructure.png]] | [[Image:Keystone-Essex-BP-AuthZ$ProposedKeystoneAuthZStructure.png]] |
Revision as of 15:45, 2 September 2011
Goals:
- Support a capability model by allowing services identify capabilities by endpoint
- Map capabilities to role, allowing a role to span multiple endpoints & services
- Map users and groups to roles
File:Keystone-Essex-BP-AuthZ$ProposedKeystoneAuthZStructure.png