<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
		<id>https://wiki.openstack.org/w/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Jerry+Wheeler</id>
		<title>OpenStack - User contributions [en]</title>
		<link rel="self" type="application/atom+xml" href="https://wiki.openstack.org/w/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Jerry+Wheeler"/>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/wiki/Special:Contributions/Jerry_Wheeler"/>
		<updated>2026-07-14T08:39:29Z</updated>
		<subtitle>User contributions</subtitle>
		<generator>MediaWiki 1.28.2</generator>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Horizon-geo-trust-display&amp;diff=62108</id>
		<title>Horizon-geo-trust-display</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Horizon-geo-trust-display&amp;diff=62108"/>
				<updated>2014-09-04T22:01:44Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;OpenStack Horizon dashboard displays compute nodes, instances, and images available in an OpenStack cloud instance.&lt;br /&gt;
&lt;br /&gt;
The goal here is to display whether the compute node has booted in a trusted manner and its '''geo'''graphical properties. We propose integrating in the UI the ability to provision geo tags. Likewise, for virtual machine instances, would like to display the geo of the machine it is running on. For images, would like to display any trust or geo constraints associated with the image.&lt;br /&gt;
&lt;br /&gt;
For purposes of illustration, please refer to the images below captured from a proof of concept implementation developed at Intel (images courtesy Jerry Wheeler).&lt;br /&gt;
&lt;br /&gt;
== Possible Implementation ==&lt;br /&gt;
[[File:Geo-tag-instances.jpg|Trust and Geo Tags associated with a virtual machine instance.]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|Trust and Geo Tags associated with a virtual machine instance.]]&lt;br /&gt;
&lt;br /&gt;
== Requesting Feedback ==&lt;br /&gt;
=== Column Header ===&lt;br /&gt;
Please suggest a column title. The place holder is '''Trust-Status'''. '''Tags''' or '''Properties''' may be more generic.&lt;br /&gt;
&lt;br /&gt;
=== Geo Icon or String ===&lt;br /&gt;
Use a '''map icon''' with a hover-over behavior that provides location details.&lt;br /&gt;
[[File:04_maps.png| map icon]]&lt;br /&gt;
&lt;br /&gt;
or&lt;br /&gt;
&lt;br /&gt;
Provide '''location-string''' such as country-string or city/state/country string with more details on hover-over. &lt;br /&gt;
&lt;br /&gt;
or &lt;br /&gt;
&lt;br /&gt;
'''location-string''' that is a link to a page with more details.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:Geo-tag-instances.jpg&amp;diff=62107</id>
		<title>File:Geo-tag-instances.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:Geo-tag-instances.jpg&amp;diff=62107"/>
				<updated>2014-09-04T21:51:33Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: Jerry Wheeler uploaded a new version of File:Geo-tag-instances.jpg&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61559</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61559"/>
				<updated>2014-08-28T01:37:28Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* What is Geo/Asset Tag? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1500px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|700px]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|600px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61558</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61558"/>
				<updated>2014-08-28T01:37:09Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* What is Geo/Asset Tag? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1500px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|600px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61557</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61557"/>
				<updated>2014-08-28T01:31:00Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1500px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|600px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61556</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61556"/>
				<updated>2014-08-28T01:29:15Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Principles of Operation */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1500px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|700px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61555</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61555"/>
				<updated>2014-08-28T01:28:50Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Principles of Operation */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1000px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|700px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61554</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61554"/>
				<updated>2014-08-28T01:26:23Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|2000]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|700px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61553</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61553"/>
				<updated>2014-08-28T01:25:09Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1500px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|700px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61552</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61552"/>
				<updated>2014-08-28T01:24:15Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1000px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|700px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61551</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61551"/>
				<updated>2014-08-28T01:23:17Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1000px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61550</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61550"/>
				<updated>2014-08-28T01:20:47Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1000px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg|200px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61549</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61549"/>
				<updated>2014-08-28T01:20:03Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Principles of Operation */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|1000px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61548</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61548"/>
				<updated>2014-08-28T01:19:44Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Principles of Operation */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|900px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61526</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61526"/>
				<updated>2014-08-27T20:14:37Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61522</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61522"/>
				<updated>2014-08-27T20:09:27Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Edit-vm-policy.jpg]]&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:Edit-vm-policy.jpg&amp;diff=61520</id>
		<title>File:Edit-vm-policy.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:Edit-vm-policy.jpg&amp;diff=61520"/>
				<updated>2014-08-27T20:08:22Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61513</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61513"/>
				<updated>2014-08-27T20:02:42Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1050px]]&lt;br /&gt;
&lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61512</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61512"/>
				<updated>2014-08-27T19:59:12Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.   &lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
[[File:Hypervisor-trust.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:Hypervisor-trust.jpg&amp;diff=61511</id>
		<title>File:Hypervisor-trust.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:Hypervisor-trust.jpg&amp;diff=61511"/>
				<updated>2014-08-27T19:57:35Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61510</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61510"/>
				<updated>2014-08-27T19:52:15Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.   &lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
## Below are screen shots of the horizon hypervisor and instance dashboard.&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61508</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61508"/>
				<updated>2014-08-27T19:48:22Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.   &lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits, that Nova aggregates and availability zones bring, have a lot in common with geo/asset tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo/asset tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning, geo/asset tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters are specified. They will be very similar to today's Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo/asset tag is retrieved as XML.&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestation servers need to be upgraded to understand geo/asset tags, supporting the API to retrieve them for registered hardware resources. The geo/asset tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61503</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61503"/>
				<updated>2014-08-27T19:41:41Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.   &lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61500</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61500"/>
				<updated>2014-08-27T19:38:34Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab. &lt;br /&gt;
### Display of Trust Policies assigned to each Image.   &lt;br /&gt;
### Trust Policies can be created and edited in the ‘Create Image’  tab and ‘Edit’ function for each Image.  &lt;br /&gt;
## Trust Policies, for now, include Platform Integrity and Location and in the future will include VM Integrity.   &lt;br /&gt;
## Trust Policies and related information as stored as Image properties in the glance database. &lt;br /&gt;
##  If Trust Policy for Location is selected, Platform Integrity is automatically selected.   &lt;br /&gt;
## When selecting the Location Trust; user will have option to create policy of one or more of the 5 Key name and value pairs.   &lt;br /&gt;
## 5 key names include: Country, State, City. Region and Classification.    &lt;br /&gt;
## Acceptable values for each Key Name will need to be selected  from a drop down list.  The acceptable values are fetched from the ‘Remote Attestation Solution’&lt;br /&gt;
## Below are screen shots of changes that displays ‘Trust Policies’ assigned to each image and Trust Policy creation/edit function in the Update Image page.   &lt;br /&gt;
# Asset/Location Filter in Scheduler to orchestrate and control ‘Trust Policies’.&lt;br /&gt;
## When a user selects an image to be launched for an instance, the scheduler retrieves the ‘Trust Policy’ for the Glance database&lt;br /&gt;
## Scheduler iterates through the available host and fetches the SAML assertion from the ‘Remote Attestation Service’ using Restful API. &lt;br /&gt;
## SAML Assertion is parsed to determine match to the ‘Trust Policy’ and once these iterations are completed, scheduler will complete the remaining filter operation and then  picks the best ranked host to launch the instance.    &lt;br /&gt;
# Trust Visibility within OpenStack Horizon  &lt;br /&gt;
## Horizon dashboards have been updated to display Trust Status in 2 dashboards under the Admin Tab – Hypervisor and Instances &lt;br /&gt;
## The Hypervisor dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Asset/Geo tag provisioned in the Hardware of the host. &lt;br /&gt;
## Every time the Hypervisor dashboard is loaded, ‘Trust Status’ is updated by fetching the SAML assertion from the ‘Remote Attestation Service’ using Restful API.&lt;br /&gt;
## The Instance dashboard displays trust status of all Policies (Platform and Location).  In addition, when you mouse over the location icon it will show the Location/ Tag Policy applied. &lt;br /&gt;
## if there are no Trust policies associated to the image the Instance is using, then the Trust Status for that instance will be empty.  &lt;br /&gt;
## Trusted Icons for each policy will be displayed in ‘green’ and untrusted in ‘Red’&lt;br /&gt;
&lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61491</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61491"/>
				<updated>2014-08-27T18:45:50Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images. &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
&lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61462</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61462"/>
				<updated>2014-08-27T16:10:21Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
&lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61460</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61460"/>
				<updated>2014-08-27T16:07:48Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
&lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:VM-policy.jpg&amp;diff=61459</id>
		<title>File:VM-policy.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:VM-policy.jpg&amp;diff=61459"/>
				<updated>2014-08-27T16:07:03Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61456</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61456"/>
				<updated>2014-08-27T15:59:20Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Hardware assisted Geo and Asset Tagging  */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61455</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61455"/>
				<updated>2014-08-27T15:57:04Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Hardware assisted Geo and Asset Tagging  */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg|800px]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61454</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61454"/>
				<updated>2014-08-27T15:54:58Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Dashboard(ex: Horizon) Extensions for Trust/Location info/attestation ===&lt;br /&gt;
# Horizon was updated to provide visibility of Trust and location details in the following places.&lt;br /&gt;
## Naresh to add technical details&lt;br /&gt;
## Adding Trust and geo location indicators (icons) to images in the horizon dashboard &lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## Added trust and geo-tag indicators (icons) to instances pages &lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61451</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61451"/>
				<updated>2014-08-27T15:41:11Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
## Examples of updated Horizon pages&lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61450</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61450"/>
				<updated>2014-08-27T15:38:24Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[File:Geo-tag-instances.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Ge-tag-images.jpg|1100px]]&lt;br /&gt;
&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:Ge-tag-images.jpg&amp;diff=61449</id>
		<title>File:Ge-tag-images.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:Ge-tag-images.jpg&amp;diff=61449"/>
				<updated>2014-08-27T15:33:44Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61448</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61448"/>
				<updated>2014-08-27T15:32:27Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
## &lt;br /&gt;
[[File:Geo-tag-instances.jpg]]&lt;br /&gt;
##&lt;br /&gt;
##&lt;br /&gt;
##&lt;br /&gt;
&lt;br /&gt;
##&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:Geo-tag-instances.jpg&amp;diff=61447</id>
		<title>File:Geo-tag-instances.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:Geo-tag-instances.jpg&amp;diff=61447"/>
				<updated>2014-08-27T15:28:57Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61446</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61446"/>
				<updated>2014-08-27T15:27:34Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
## &lt;br /&gt;
##&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61445</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61445"/>
				<updated>2014-08-27T15:25:33Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to the Images page under the Admin tab and Images &amp;amp; Snapshots and Instances under the Project tab within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61444</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61444"/>
				<updated>2014-08-27T15:20:07Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
=== Geo and Asset Tagging Solution ===&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to Image &amp;lt;add which screen&amp;gt; within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61442</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61442"/>
				<updated>2014-08-27T15:12:59Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset Tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to Image &amp;lt;add which screen&amp;gt; within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Remote Attestion servers need to be upgraded to understand geo tags, supporting the API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61441</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61441"/>
				<updated>2014-08-27T15:06:50Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset Tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
## Create a tag or tags&lt;br /&gt;
## Create a selection ID by selecting one or more tags&lt;br /&gt;
## Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
## Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
## For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
## The following changes have been made to Image &amp;lt;add which screen&amp;gt; within open stack &lt;br /&gt;
## fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
## &amp;lt;add screen shots&amp;gt;&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Naresh to add technical details including API calls.&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
## Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61435</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61435"/>
				<updated>2014-08-27T14:58:27Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset Tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’&lt;br /&gt;
# Create a tag or tags&lt;br /&gt;
# Create a selection ID by selecting one or more tags&lt;br /&gt;
# Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
# Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.&lt;br /&gt;
# For more details follow the instructions in Remote Attestation Solution product guide.&lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’&lt;br /&gt;
# The following changes have been made to Image…….screen&amp;gt; within open stack &lt;br /&gt;
# NARESH to fill technical details on changes – what code was change, where is data stored and more…&lt;br /&gt;
# Jerry to add screen shots&lt;br /&gt;
# On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
# Associate the keys with the appropriate values&lt;br /&gt;
# On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
# Naresh to add technical details including API calls.&lt;br /&gt;
# For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
# For each host, retrieves the trust and geo-tag details&lt;br /&gt;
# Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
# NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61433</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61433"/>
				<updated>2014-08-27T14:54:29Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset Tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset Tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’  &lt;br /&gt;
# Create a tag or tags  &lt;br /&gt;
# Create a selection ID by selecting one or more tags&lt;br /&gt;
# Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
# Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.  &lt;br /&gt;
# For more details follow the instructions in Remote Attestation Solution product guide. &lt;br /&gt;
# Create and Add Geo-Location/Asset-tag Policies to VM Image Properties in ‘Open Stack’ &lt;br /&gt;
# The following changes have been made to Image…….screen&amp;gt; within open stack &lt;br /&gt;
# NARESH to fill technical details on changes – what code was change, where is data stored and more….&lt;br /&gt;
# Jerry to add screen shots &lt;br /&gt;
# On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
# Associate the keys with the appropriate values&lt;br /&gt;
# On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
# Naresh to add technical details including API calls. &lt;br /&gt;
# For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
# For each host, retrieves the trust and geo-tag details &lt;br /&gt;
# Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately&lt;br /&gt;
# NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# Screen shots before and after launching an instance with a image policy&lt;br /&gt;
 &lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61380</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61380"/>
				<updated>2014-08-26T22:39:21Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset Tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
# Provision geo tags to Compute Hosts using ‘Remote Attestation solution’   &lt;br /&gt;
&lt;br /&gt;
# Add Geo-Location/Asset-tag VM Policies as VM Image Properties&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Create a new filter scheduler for geo-tag and trust attestation. It does the following&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details (Attestation service API: /mtwilson/v1/AttestationService/resources/saml/assertions/host)&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately.&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# UI/Portal Extensions for Trust/Location info/attestation&lt;br /&gt;
## Adding Trust and geo location information to the horizon dashboard&lt;br /&gt;
## Added trust and geo-tag indicators(icons) to images, instances and hypervisor pages&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61379</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61379"/>
				<updated>2014-08-26T22:37:17Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo and Asset tagging Solution */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset Tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
Provision geo tags to Compute Hosts using ‘Remote Attestation solution’  &lt;br /&gt;
Create a tag or tags  &lt;br /&gt;
Create a selection ID by selecting one or more tags&lt;br /&gt;
Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.  &lt;br /&gt;
For more details follow the instructions in Remote Attestation Solution product guide. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
# Add Geo-Location/Asset-tag VM Policies as VM Image Properties&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Create a new filter scheduler for geo-tag and trust attestation. It does the following&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details (Attestation service API: /mtwilson/v1/AttestationService/resources/saml/assertions/host)&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately.&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# UI/Portal Extensions for Trust/Location info/attestation&lt;br /&gt;
## Adding Trust and geo location information to the horizon dashboard&lt;br /&gt;
## Added trust and geo-tag indicators(icons) to images, instances and hypervisor pages&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61378</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61378"/>
				<updated>2014-08-26T22:36:53Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== What is Geo/Asset Tag? ===&lt;br /&gt;
&lt;br /&gt;
[[File:What-is-tag.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo and Asset tagging Solution ==&lt;br /&gt;
&lt;br /&gt;
Provision geo tags to Compute Hosts using ‘Remote Attestation solution’  &lt;br /&gt;
Create a tag or tags  &lt;br /&gt;
Create a selection ID by selecting one or more tags&lt;br /&gt;
Provision a selection ID to the asset (ex: Compute Host).  The Provisioning process will include generation of Asset Certificate and writing the SHA1 of the certificate to TPM’s NVRAM&lt;br /&gt;
Reboot the host to complete the provisioning process, which will extend the hash to PCR 22 register of TPM.  &lt;br /&gt;
For more details follow the instructions in Remote Attestation Solution product guide. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
# Add Geo-Location/Asset-tag VM Policies as VM Image Properties&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Create a new filter scheduler for geo-tag and trust attestation. It does the following&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details (Attestation service API: /mtwilson/v1/AttestationService/resources/saml/assertions/host)&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately.&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# UI/Portal Extensions for Trust/Location info/attestation&lt;br /&gt;
## Adding Trust and geo location information to the horizon dashboard&lt;br /&gt;
## Added trust and geo-tag indicators(icons) to images, instances and hypervisor pages&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:What-is-tag.jpg&amp;diff=61377</id>
		<title>File:What-is-tag.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:What-is-tag.jpg&amp;diff=61377"/>
				<updated>2014-08-26T22:32:44Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61376</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61376"/>
				<updated>2014-08-26T22:30:49Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo and Asset Tagging &amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory requirements. This solution will extend to include trusting the location and boundary of the hardware resources, extending the current functionality of trusting the integrality of the compute platform to be free of malware and rootkits. Extensions from this solution enable associating geo and asset tags with hardware at provision time. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measurement of provision time information into the Trusted Platform Module (TPM). Remote attestation services can then be used to ascertain that provision time meta-data have not been tampered.  Geo and Asset tagging builds on the Trusted Compute Pools feature, covered in  [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo and asset tagging can be incorporated and taken advantage of in OpenStack clouds to provide location and boundary control of workloads/OpenStack images.   With Geo/Asset Tags, you can enforce policies to control placement, migration or bursting of workloads to trusted systems in specific geographical locations or boundaries, provide visibility and compliance of your workload policies to ensure tenants that of its compliance to Trust and location policies.   &lt;br /&gt;
&lt;br /&gt;
=== Principles of Operation ===&lt;br /&gt;
&lt;br /&gt;
[[File:Principles-of-operation.jpg]]&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo-Location/Asset-tag process ==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
# Provision Geo-Location/Asset-tag to Host&lt;br /&gt;
## Create a tag or tags in the Attestation Server &lt;br /&gt;
## Create a selection with one or more tags&lt;br /&gt;
## Provision host with hash of the selection&lt;br /&gt;
## Write the geo-tag to the TPM&lt;br /&gt;
# Add Geo-Location/Asset-tag VM Policies as VM Image Properties&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Create a new filter scheduler for geo-tag and trust attestation. It does the following&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details (Attestation service API: /mtwilson/v1/AttestationService/resources/saml/assertions/host)&lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately.&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# UI/Portal Extensions for Trust/Location info/attestation&lt;br /&gt;
## Adding Trust and geo location information to the horizon dashboard&lt;br /&gt;
## Added trust and geo-tag indicators(icons) to images, instances and hypervisor pages&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Image properties field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Image geo/asset tag affiliations. The Horizon UI for instance and Image lists could be extended to display in addition to current information, trusted and geo tags. For example, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=File:Principles-of-operation.jpg&amp;diff=61375</id>
		<title>File:Principles-of-operation.jpg</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=File:Principles-of-operation.jpg&amp;diff=61375"/>
				<updated>2014-08-26T22:25:08Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	<entry>
		<id>https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61117</id>
		<title>Trusted-Location-Control</title>
		<link rel="alternate" type="text/html" href="https://wiki.openstack.org/w/index.php?title=Trusted-Location-Control&amp;diff=61117"/>
				<updated>2014-08-22T15:30:28Z</updated>
		
		<summary type="html">&lt;p&gt;Jerry Wheeler: /* Geo-Location/Asset-tag process */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== '''&amp;lt;big&amp;gt;Hardware assisted Geo location and Asset Tagging&amp;lt;/big&amp;gt; ==&lt;br /&gt;
&lt;br /&gt;
While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies due to regulatory reasons. This extends beyond trusting the cloud's hardware resources to be free of malware and rootkits. Extensions to Trusted Compute Pools (TCP) enable associating with hardware at provision time geo-tags. Intel Trusted Execution Environment (TXT) and other measured launch environments (MLEs) facilitate measuring such provision time information into the Trusted Platform Module (TPM). Attestation services can be used to ascertain that provision time meta data have not been tampered. &lt;br /&gt;
&lt;br /&gt;
Asset and Geo Tags can be used to: &lt;br /&gt;
&lt;br /&gt;
Monitor and Enforce policies to control placement, migration or bursting to trusted systems in specific geographical locations&lt;br /&gt;
&lt;br /&gt;
# Control workload placement  &lt;br /&gt;
# Provide Control and Visibility to Cloud End-users &lt;br /&gt;
## Display in dashboard the asset/geo associations of VM and hosts &lt;br /&gt;
## Generate audit logs of Hardware/VMs/data with asset/geo details.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Geo Tagging builds on the Trusted Compute Pools feature, covered in [[TrustedComputingPools]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Proposed Changes ===&lt;br /&gt;
&lt;br /&gt;
[[File:HW-Geo-tag overview.gif]]&lt;br /&gt;
&lt;br /&gt;
== Geo-Location/Asset-tag process ==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
# Provision Geo-Location/Asset-tag to Host&lt;br /&gt;
## Create a tag or tags in the Attestation Server &lt;br /&gt;
## Create a selection with one or more tags&lt;br /&gt;
## Provision host with hash of the selection&lt;br /&gt;
## Write the geo-tag to the TPM&lt;br /&gt;
# Add Geo-Location/Asset-tag VM Policies as VM Image Properties&lt;br /&gt;
## On Horizon dashboard Image creation/edit page(s), User to select a tag key from the pre-configured tag key list [Country, State/Province, City, Region, Classification]&lt;br /&gt;
## Associate the keys with the appropriate values&lt;br /&gt;
## On image creation or editing, Horizon updates the glance database to store the list of tag key/value pairs as image properties.&lt;br /&gt;
# Add Asset/Location Filter to Scheduler&lt;br /&gt;
## Create a new filter scheduler for geo-tag and trust attestation. It does the following&lt;br /&gt;
## For the selected image, retrieves the list of tag key/value pairs from the glance database.&lt;br /&gt;
## For each host, retrieves the trust and geo-tag details &lt;br /&gt;
## Maps the image trust and geo-tag requirements with the server geo-tag and filters appropriately.&lt;br /&gt;
## NOTE: This filter does not assign a weight to the hosts&lt;br /&gt;
# UI/Portal Extensions for Trust/Location info/attestation&lt;br /&gt;
## Adding Trust and geo location information to the horizon dashboard&lt;br /&gt;
## Added trust and geo-tag indicators(icons) to images, instances and hypervisor pages&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Aggregates and Availability Zones ===&lt;br /&gt;
&lt;br /&gt;
The partitioning, resource reservation, and fault tolerance benefits that Nova aggregates and availability zones bring have a lot in common with geo tags. However, the main difference is that trusted tags are provision time values, and attached to the hardware resource. Re-purposing a machine is more easy via the command line with aggregates and availability zones, does not require machine reboot, but to modify trusted geo-tags more deliberate action is required, a machine reboot. The trusted geo-tag by virtue of being associated with a hardware root of trust is more valuable with respect to meeting regulatory requirements. &lt;br /&gt;
&lt;br /&gt;
Further, the Attestation service could be independent of the cloud provider to increase credibility and better meet regulatory requirements. In addition, geo-tags can be verified with about 90% accuracy using software techniques using the Internet Protocol (IP) address of the device being attested. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
This blueprint details how geo-tags can be incorporated and taken advantage of in OpenStack clouds.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Nova Compute Node Provisioning ===&lt;br /&gt;
&lt;br /&gt;
During compute nodes provisioning for trust, geo-tags may also be assigned. These can be simple strings, such as, &amp;quot;3 rd Floor, Expo Center, Hong Kong&amp;quot;, or complex, such as XML data providing sub-items such as GPS co-ordinates, postal address, and more, or json strings.&lt;br /&gt;
&lt;br /&gt;
=== Dashboard ===&lt;br /&gt;
# Flavor Extra Specs, Volume Extra Specs The extra specs field readily supports specifying geo and other asset tag constraints. &lt;br /&gt;
# Displaying VM and Volume geo/asset tag affiliations The Horizon UI for instance and volume lists could be extended to display in addition to current information, trusted and geo tags. For instance, it would be logical to add a little trusted seal if a compute node is trusted, and by extension a VM running on the same compute node. A country flag would be a good geo indicator. &lt;br /&gt;
# Object listings Could also contain geo indicators.&lt;br /&gt;
&lt;br /&gt;
=== Nova Scheduler Filter ===&lt;br /&gt;
&lt;br /&gt;
Asset /Geo Tag filters should be specified. They will be very similar to todays Aggregate and Availability filters with the distinction that the data they retrieve from the Attestation service may need to be parsed. For instance, geo-tag data may be retrieved as a json string or as XML. In the case of XML,&lt;br /&gt;
&lt;br /&gt;
=== Attestation Service ===&lt;br /&gt;
&lt;br /&gt;
Existing Attestion services need to be upgraded to understand geo tags, support an API to retrieve them for registered hardware resources. The geo tags retrieved for hardware resource could be cached at the attestation service or even at the nova scheduler to speed scheduling decisions as long as the cached value is no older than some specifiable time window. &lt;br /&gt;
&lt;br /&gt;
The simplest geo tag is a string, while more complex variants are XML and json strings. A match policy (country match, state and country match, or city, state, and country match) and a formatter to parse a given representation is required to facilitate match.&lt;/div&gt;</summary>
		<author><name>Jerry Wheeler</name></author>	</entry>

	</feed>