[Openstack-security] Reg: Security concern

Thierry Carrez thierry at openstack.org
Mon May 27 10:03:46 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Matthew Thode wrote:
>> I've been working with nova, glance and keystone for past one
>> year and now i want to look into swift to implement in production
>> level, which raises a question about security concern with
>> openstack where i found this group. So how secure is swift as of
>> now, i've been reading mailing lists and disussions about
>> man-in-middle attack can be performed, any suggestions?

Swift is quite secure but has a number of deployment assumptions which
may or may not be acceptable for you: you need to rely of external SSL
termination (generally at the load balancing boundary), and the Swift
internal deployment network (over which the various nodes communicate)
is considered trusted.

Hope this helps.

- -- 
Thierry Carrez (ttx)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCAAGBQJRoy9/AAoJEFB6+JAlsQQjj7oQALceddNGw48palzJIf5/N+Nz
8M6AuCBNCTvXHZtuYYmM1aNQfAkQxET3tepOaxu+Zwjcs3z9zBl94vQFJmoF5p2Y
7FX+7lJzk8bYn7jyYoTEsjBJYS3k2RHP3RLv94jtXRSGMUbe/CdjgRGse+upIOl7
6Jkz0edktCC5ZYV4eO2fCUc9g2KWotuvsJ4gvZ3LroF+JeQgmESUe+Sivz0ZT2fG
VGEjYYRswHP+q2VXMEgROXBUgfE0brVZHtGCl6kA0zavT76IeB1j7yfF9zGeAlhr
4p/5y66y1yggAVV9v0bbU9rPapLqz/VbKlKS03llgSARgWLIeH36OXyNgjrc+zdH
6s9FSRc0sHWd9H4C3BOo7WmeoNwan5bPEw/qEsDRqouEnxw6ZoumRIhtybv1M7YU
+zHG5Vrd23sVnepqub7u6fQZ3wlXL09HCRR7STc6mnx2zk/uSyiaxqkUv7AHUWGd
dtVb38XYEHIJ62P1u4gJsZLYRfPbv9SVS9JmP7rQiWqNbpHfFhRrGhsjyu8+gA66
0VQdukYu+xsF9crLxt1OcFXu6beNj0xojRQwyAfw8C+29RPTh2ULz/uMoNZJsTJu
MejJj0VOTOxc5MdQhBYKvFdzE1G1YNm1pjbBRNcWm1cg1O29P2fTDRKxNqI9450w
hLddhrZFj/UOG4E7+jaH
=TBM+
-----END PGP SIGNATURE-----




More information about the Openstack-security mailing list