openstack team mailing list archive

Thread
Date

Re: Encrypted virtual machines

To: Matt Joyce <matt@xxxxxxxxxxxxxxx>
From: Justin Santa Barbara <justin@xxxxxxxxxxxx>
Date: Thu, 26 Apr 2012 11:26:48 -0700
Cc: openstack@xxxxxxxxxxxxxxxxxxx
In-reply-to: <CAP_sDUFN65Bcpfcsv3ZskjVfyD9X+omynVKPh0wTR+nvuHT5dw@mail.gmail.com>

On Thu, Apr 26, 2012 at 9:05 AM, Matt Joyce <matt@xxxxxxxxxxxxxxx> wrote:

> >From a security stand point I am curious what you see the benefit as?


I think that long-term there is the potential to have a cloud where you
don't have to trust the cloud provider (e.g. Intel Trusted Compute).
 However, there are a huge number of steps that need to happen first, so I
don't know that encrypting the qcow disk image would get you very much
today.

However, you could encrypt your filesystem (inside the disk image), and
have it prompt for a password on boot.  Then you could go in via VNC
(today) and unlock your disk image.

Your cloud provider can still grab memory etc.  But I think that's the best
you can do today.  One day we may be able to automate something similar,
yet still have it be secure.

Virtualized I/O performance is poor compared to CPU performance, so I guess
you wouldn't even notice the hit!  But this is pure speculation,


A little plug - one of the pieces of the big picture is figuring out how to
store secrets; at the design summit I proposed storing them securely in
Keystone; I just wrote up the (first draft?) of the blueprint:
https://blueprints.launchpad.net/nova/+spec/secure-secret-storage

Justin

References

Encrypted virtual machines
From: Michael Grosser, 2012-04-26
Re: Encrypted virtual machines
From: Matt Joyce, 2012-04-26