[openstack-dev] [Swift] Server Side Encryption

David Hadas DAVIDH at il.ibm.com
Wed Nov 20 11:26:54 UTC 2013

Hi all,

We created a wiki page discussing the addition of software side encryption
to Swift:
"The general scheme is to create a swift proxy middleware that will encrypt
and sign the object data during PUT and check the signature + decrypt it
during GET. The target is to create two domains - the user domain between
the client and the middleware where the data is decrypted and the system
domain between the middleware and the data at rest (on the device) where
the data is encrypted.
Design goals include: (1) Extend swift as necessary but without changing
existing swift behaviors and APIs; (2) Support encrypting data incoming
from unchanged clients"

See:  https://wiki.openstack.org/wiki/Swift/server-side-enc
We would like to invite feedback.


David Hadas,
Openstack Swift ATC, Architect, Master Inventor
IBM Research Labs, Haifa
Tel:    Int+972-4-829-6104
Fax:   Int+972-4-829-6112

More information about the OpenStack-dev mailing list