OpenStack Compute (nova)

Trusted Computing pools

Registered by Jun Nakajima

The feature will allow cloud hosting providers to build trusted computing pools based on H/W-based security features, such as Intel Trusted Execution Technology (TXT). Combining attestation done by a separate entity (i.e. "remote attestation"), the providers can ensure that verified measurement of software be running in the cloud, thus they can establish the foundation for the secure cloud stack. Such remote attestation services can be developed by using SDK that we plan to provide. Policy-based scheduling (in a separate blueprint) or a simpler one will be used to find "trusted" nodes.

Blueprint information

Status:
Complete
Approver:
Rick Clark
Priority:
Low
Drafter:
Jun Nakajima
Direction:
Approved
Assignee:
fred yang
Definition:
Approved
Series goal:
Accepted for folsom
Implementation:
Implemented
Milestone target:
milestone icon 2012.2
Started by
fred yang
Completed by
Thierry Carrez

Sprints

Whiteboard

The Blueprint was discussed in Diablo design summit April 2011
We would need blueprint approved for further code submit ESSex

Gerrit topic: https://review.openstack.org/#q,topic:bp/trusted-computing-pools,n,z

Addressed by: https://review.openstack.org/1800
    Adds trusted-computing-pools support. Implements blueprint trusted-computing-pools

Addressed by: https://review.openstack.org/1899
    Adds trusted-computing-pools support. Implements blueprint trusted-computing-pools

Addressed by: https://review.openstack.org/7262
    Add Trusted Computing Pool support

(?)

Work Items

Nearby