[openstack-dev] [murano][barbican] Encrypting sensitive properties
paul.bourke at oracle.com
Thu May 25 15:49:00 UTC 2017
I've been looking at a blueprint logged for Murano which involves
encrypting parts of the object model stored in the database that may
contain passwords or sensitive information.
I wanted to see if people had any thoughts or preferences on how this
should be done. On the face of it, it seems Barbican is a good choice
for solving this, and have read a lengthy discussion around this on the
mailing list from earlier this year. Overall the benefits of Barbican
seem to be that we can handle the encryption and management of secrets
in a common and standard way, and avoid having to implement and maintain
this ourselves. The main drawback for Barbican seems to be that we
impose another service dependency on the operator, though this complaint
seems to be in some way appeased by Castellan, which offers alternative
backends to just Barbican (though unsure right now what those are?). The
alternative to integrating Barbican/Castellan is to use a more
lightweight "roll your own" encryption such as what Glance is using.
After we decide on how we want to implement the encryption there is also
the question of how best to expose this feature to users. My current
thought is that we can use Murano attributes, so application authors can
do something like this:
- name: appPassword
This would of course be transparent to the end user of the application.
Any thoughts on both issues are very welcome, I hope to have a prototype
in the next few days which may help solidify this also.
More information about the OpenStack-dev