<div dir="ltr"><div><p class="MsoNormal" style="text-align:justify"><span style="line-height:23px">Hi all,</span></p><p class="MsoNormal" style="text-align:justify"><span style="line-height:23px">I, Amey Ghadigaonkar, had contacted the community regarding a project about run time integrity checks for OpenStack in the OSSG meeting held on 02.27.14 (transcript: <a href="http://eavesdrop.openstack.org/meetings/openstack_security_group/2014/openstack_security_group.2014-02-27-18.00.html">http://eavesdrop.openstack.org/meetings/openstack_security_group/2014/openstack_security_group.2014-02-27-18.00.html</a>). </span><span style="line-height:23px">I am submitting a blueprint to describe what our project is really about. We are quite enthusiastic to hear what the community thinks of our project. Please read on.</span></p>
<p class="MsoNormal" style="text-align:justify"><b><span style="font-size:15pt;line-height:115%"><br></span></b></p><p class="MsoNormal" style="text-align:justify"><b><span style="font-size:15pt;line-height:115%">What we want do</span></b></p>
<p class="MsoNormal" style="text-align:justify">Goal
of this project is to develop a component that will perform periodical
validations of run-time integrity of OpenStack code, services, and
configurations. We aim to:</p>
<p class="" style="margin-left:0.5in;text-align:justify">1.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Develop
a framework in Nova that allows periodic or user-triggered integrity
measurements of compute nodes in the trusted pool. </p>
<p class="" style="margin-left:0.5in;text-align:justify">2.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>The
framework will allow specific integrity measures to be developed as plugins.</p>
<p class="" style="margin-left:0.5in;text-align:justify">3.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Adapt
OpenAttestation as the first plugin to this framework.</p>
<p class="" style="margin-left:0.5in;text-align:justify">4.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Develop
a Horizon component that will allow users to configure their choice of checks
and schedule when these checks should be run. The results obtained from these
checks will be stored and can be retrieved by users using the Horizon component.</p>
<p class="" style="margin-left:0.5in;text-align:justify">5.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>As
time and scoping permits, develop more run-time integrity check plugins such as
checking that trusted nodes are running known good code or performing dynamic
memory checks.</p>
<p class="MsoNormal" style="text-align:justify">We have attached a sample usecase diagram with this email to illustrate some simple usecases. <b>Suggestions/comments from the community</b> regarding the project are welcome and we consider these comments as <b>essential for success</b> of this project.
Some issues that we would like to discuss with the community are:</p>
<p class="" style="margin-left:0.5in;text-align:justify"><span style="background-repeat:initial initial">1.<span style="font-size:7pt;font-family:'Times New Roman'">
</span></span><span style="background-repeat:initial initial">Are there any potential architectural or technical
concerns that you are aware of that might impact these goals?</span><span style="background-repeat:initial initial"></span></p>
<p class="" style="margin-left:0.5in;text-align:justify"><span style="background-repeat:initial initial">2.<span style="font-size:7pt;font-family:'Times New Roman'">
</span></span><span style="background-repeat:initial initial">Any listed functionality that you deem redundant or think
that something specific should be added?</span><span style="background-repeat:initial initial"></span></p>
<p class="" style="margin-left:0.5in;text-align:justify"><span style="background-repeat:initial initial">3.<span style="font-size:7pt;font-family:'Times New Roman'">
</span></span><span style="background-repeat:initial initial">Do you have suggestions for good candidates for run-time
integrity check plugins?</span><span style="background-repeat:initial initial"></span></p>
<p class="" style="margin-left:0.5in;text-align:justify"><span style="background-repeat:initial initial">4.<span style="font-size:7pt;font-family:'Times New Roman'">
</span></span><span style="background-repeat:initial initial">Any pointers to relevant documentation, mailing list
discussions, or people that should be included in further discussions?</span><span style="background-repeat:initial initial"></span></p>
<p class="" style="margin-left:0.5in;text-align:justify"><span style="background-repeat:initial initial">5.<span style="font-size:7pt;font-family:'Times New Roman'">
</span></span><span style="background-repeat:initial initial">Any other general comments or suggestions?</span><span style="background-repeat:initial initial"></span></p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"><b><span style="font-size:15pt;line-height:115%">Where we are right now</span></b></p>
<p class="MsoNormal" style="text-align:justify">We
are in the inception phase of the project and are negotiating its scope. We
plan to submit an elaborate blueprint for the deliverable and its architecture
before the Juno Release Design Summit in May. Development will start soon after
the Summit.</p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"><b><span style="font-size:15pt;line-height:115%">Who we are</span></b></p>
<p class="MsoNormal" style="text-align:justify">This
project is a part of Practicum for Software Engineering course (17-677) at
Carnegie Mellon University. There are four team members. We are students at
Master of Science in Information Technology – Software Engineering (MSIT-SE)
program in Carnegie Mellon University:</p>
<p class="" style="margin-left:0.5in;text-align:justify">1.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Alexandr
Naumchev</p>
<p class="" style="margin-left:0.5in;text-align:justify">2.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Amey
Ghadigaonkar</p>
<p class="" style="margin-left:0.5in;text-align:justify">3.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Fusheng
Yuan</p>
<p class="" style="margin-left:0.5in;text-align:justify">4.<span style="font-size:7pt;font-family:'Times New Roman'"> </span>Vasilii
Artemev</p>
<p class="MsoNormal" style="text-align:justify">Mentor:
Dr. Bradley Schmerl, Senior Systems Scientist, School of Computer Science,
Carnegie Mellon University.</p>
<p class="MsoNormal" style="text-align:justify">Client:
Laura Glendenning. Software Engineer at Applied Physics Laboratory in Johns
Hopkins University.</p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"> </p>
<p class="MsoNormal" style="text-align:justify"><b><span style="font-size:15pt;line-height:115%">Future Work:</span></b></p>
<p class="MsoNormal" style="text-align:justify">One
of the extensions of this project would be to develop hooks to the framework
from Ceilometer to enhance functionality provided by our component. </p></div><span style="font-family:arial,sans-serif;font-size:13px;white-space:nowrap"><div><br></div></span>
</div>