中文摘要：

选择Keystone组件作为OpenStack安全问题研究的切入点，分析了该组件相关的安全问题。首先简要介绍了OpenStack的主要功能组件及组件间的交互关系，详细描述了Keystone的对象模型，并深入研究了其认证机制。在充分分析了Keystone运行机制的基础上，提出了Keystone中存在的安全问题，并给出了相应的改进方案。

英文摘要：

Selecting Keystone component as the beginning of researching OpenStacek security issues, it analyzes the security issues on this component. It firstly describes the major functional components of OpenStack and the interactive relation between the components, presents object model of Keystone in detail, and researches its identification mechanism. Based on the analysis of Keystone operation mechanism, it presents the security issues on Keystone and gives the relative improvement solution.