Project Cardamom

Google Summer Of Code 2015

Welcome to Project Cardamom.

Access Control or Authorization is the least understood paradigm in software security. Project Cardamom aims to make it simple for projects to incorporate access control.

If you find access control to be very complicated, then you are not alone. It has a lot of permutations and combinations that make applying rules to your security decisions very difficult.

Philosophy

The philosophy behind Project Cardamom is to externalize the access control engine from your business logic. Now your projects can include Cardamom and use its API to make access control decisions.

GSOC Tasks

Category: Big Data Security

Task: Write a HBase coprocessor for Cardamom to provide access control decisions to HBase operations.
Mentor: Anil Saldhana
Prerequisites: Some programming experience required.
Language: Java

Category: Android Application Security

Task: Write Android library that has an API for Android applications to call a REST server to download entitlements to make local access decisions.
Mentor: Anil Saldhana
Prerequisites: Some programming experience required.
Language: Java/Android

How to contact the mentors?

IRC

IRC on Freenode, Channel is "cardamom".
There is a webclient for Freenode at Cardamom on WebChat

Email

Please email cardamom-dev AT googlegroups.com