Open Stack

Benjamin, Bruce wrote:

> A blueprint/spec for encrypting volumes used by VMs is currently being implemented, and we're looking for feedback
> http://wiki.openstack.org/VolumeEncryption  https://blueprints.launchpad.net/nova/+spec/encrypt-cinder-volumes. 
> This blueprint provides encryption of VM data before it's written to disk,  similar to a self-encrypting drive, but the data
> will be encrypted in the virtualization host.  The VM will see a normal block storage device.  Transparently encrypting the
> data outside of VM control removes the potential risk posed by relying on end-users' settings.

The blueprint should be clearer that this is totally transparent beyond the scope of the virtualization host and the entity
that stores the key for the volume.

The block server is still supporting reads and write of blocks. It does not have to know that the content was encrypted
before it was sent or that it will be decrypted after it is read.

Also, the justification is protection of the disks at rest. Quantum can configure virtual networking to support volume access
in a way that makes intercepting of contents infeasible. But quantum cannot protect against someone removing the drive
and just reading it on a different machine.

It should be emphasized that the keys must not be stored on the same devices as the encrypted volumes.