[openstack-dev] [Swift] Server Side Encryption
DAVIDH at il.ibm.com
Wed Nov 20 11:26:54 UTC 2013
We created a wiki page discussing the addition of software side encryption
"The general scheme is to create a swift proxy middleware that will encrypt
and sign the object data during PUT and check the signature + decrypt it
during GET. The target is to create two domains - the user domain between
the client and the middleware where the data is decrypted and the system
domain between the middleware and the data at rest (on the device) where
the data is encrypted.
Design goals include: (1) Extend swift as necessary but without changing
existing swift behaviors and APIs; (2) Support encrypting data incoming
from unchanged clients"
We would like to invite feedback.
Openstack Swift ATC, Architect, Master Inventor
IBM Research Labs, Haifa
More information about the OpenStack-dev