The Volume Encryption feature in OpenStack presents a normal block storage device to the VM but encrypts the data in the virtualization host before writing it to a remote disk. This provides data confidentiality against network traffic interception, compromised storage hosts, and stolen disk drives. To the end user, the block server operates exactly as it would when reading and writing unencrypted blocks. The feature includes a key manager interface that supports key generation and storage, and the interface allows different key managers, such as Barbican or a KMIP server, to be supported. This session will be split into two parts: the first covers the setup of the Barbican key management service, and the second covers the configuration and use of Cinder and Nova to provide encrypted block storage.
Software Engineer, Johns Hopkins University Applied Physics Laboratory
Joel Coffman is a Senior Cyber Engineer at the Johns Hopkins University Applied Physics Laboratory (JHU/APL), which he joined in 2012. Joel contributes to a variety of sponsored and internally-funded research and development projects where he applies software engineering expertise to improve software quality. Joel also serves as the technical lead for JHU/APL’s involvement in the OpenStack cloud computing project where he has overseen the...
Cloud Security Product Manager, Rackspace
Jarret Raim is the Security Product Manager at Rackspace Hosting. Since joining Rackspace, he has built a software assurance program for Rackspace's internal software teams as well as defined strategy for building secure systems on Rackspace's OpenStack Cloud implementation. Through his experience at Rackspace, and as a consultant for Denim Group, Jarret has assessed and remediated applications in all industries and has experience with a wide...