Simpler Encrypted Volume Management with Tang – #OpenStack

OpenStack currently implements encryption of Cinder volumes using Castellan-based key managers. However, requiring a key escrow can be difficult to manage and error prone, making features like bring-your-own-key quite difficult. Further, efforts to solve this problem by implementing a push model end up requiring invasive OpenStack API changes. A much simpler solution is available using Tang, an easy and secure alternative to key escrow.  A Tang server implements the McCallum-Relyea key exchange,

via OpenStack

About The Author
- The OpenStack Foundation promotes the development, distribution and adoption of the OpenStack cloud operating system. As the independent home for OpenStack, the Foundation has already attracted more than 9,500 individual members from 100 countries and 850 different organizations, secured more than $10 million in funding and is ready to fulfill the OpenStack mission of becoming the ubiquitous cloud computing platform.

Tell us what you think...