K2HR3 - K2Hdkc based Resource and Roles and policy Rules
K2HR3 is a RBAC (Role Based Access Control) system. K2HR3 is designed to primarily work in a private cloud environment, which is dedicated to deliver services to a single organization. K2HR3-0.9.0 works with OpenStack.
The primary feature is called +SERVICE that enables service owners in cloud environments to control their resources. K2HR3 as a RBAC system defines the three primary elements: role, rule(or policy rule) and resource. Every host is defined as a member of roles in K2HR3 and a host can access resources in a way followed by rules.
Defines a collection of a host(or an IP address) that access assets in a service.
- Rule(or Policy Rule)
Defines a group of actions(read and write) over assets in a service and a permission(allow or deny) to the group of actions.
Defines a value(string or object) as an asset in a service. A value can contains data in any form: text or binary. A text data can be a key, a token or an URL.
K2HR3 System Overview
The following figure shows the K2HR3 system overview.
We provide the following utilities for K2HR3.
A tool to quickly bring up a complete K2HR3 system in a Linux(Debian9, Ubuntu18.04, Fedora29 or CentOS7) host.