
Trusted-Location-Control

Revision as of 17:03, 15 August 2014 by Jerry Wheeler

Geo Tagging

While the cloud enables workloads and data to reside anywhere, users may be constrained to run their workloads and save their data in certain geographies for regulatory reasons. This requirement extends beyond trusting the cloud's hardware resources to be free of malware and rootkits. Extensions to Trusted Compute Pools (TCP) enable geo-tags to be associated with hardware at provision time. Intel Trusted Execution Technology (TXT) and other measured launch environments (MLEs) facilitate measuring such provision-time information into the Trusted Platform Module (TPM). Attestation services can then be used to ascertain that the provision-time metadata has not been tampered with.

Asset and Geo Tags can be used to:

Monitor and Enforce Customer Policies: This could be for security, fault tolerance, and/or meeting Service Level Agreements (SLAs). For example, even in a private corporate cloud, Finance and HR may not want Engineering to overrun their resources.

  1. Control workload placement
  2. Provide Control and Visibility to Cloud End-users
     • Display in dashboard the asset/geo associations of VMs and hosts
     • Generate audit logs of hardware/VMs/data with asset/geo details
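
The following sketch, added here as an illustration and not taken from the Trusted Compute Pools code, ties the measurement and attestation described in the Geo Tagging paragraph to the workload placement item in the list above: a verifier recomputes the PCR value a host's claimed tag should produce and only schedules onto hosts whose tag is both attested and allowed by policy. The SHA-256 bank, the JSON tag encoding, the host names and the assumption that `quoted_pcr` was already taken from a signature-verified TPM quote are all assumptions of the example.

```python
import hashlib
import hmac
import json

PCR_SIZE = 32  # SHA-256 bank (assumption; the page names no algorithm)

def tag_digest(tag: dict) -> bytes:
    """Digest of a canonical (sorted-key) encoding of the provisioned tag."""
    canonical = json.dumps(tag, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).digest()

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend operation: new PCR = H(old PCR || measurement)."""
    return hashlib.sha256(pcr + measurement).digest()

def expected_pcr(tag: dict) -> bytes:
    """PCR value after a measured launch extends only the tag digest."""
    return pcr_extend(bytes(PCR_SIZE), tag_digest(tag))

def attest_tag(claimed_tag: dict, quoted_pcr: bytes) -> bool:
    """True if the tag the host reports is the one measured at launch."""
    return hmac.compare_digest(expected_pcr(claimed_tag), quoted_pcr)

def eligible_hosts(hosts: list, policy: dict) -> list:
    """Names of hosts whose tag is attested and satisfies every policy key."""
    eligible = []
    for host in hosts:
        tag = host["claimed_tag"]
        if not attest_tag(tag, host["quoted_pcr"]):
            continue  # tag differs from what was measured: never place here
        if all(tag.get(key) in allowed for key, allowed in policy.items()):
            eligible.append(host["name"])
    return eligible

# Constructed sample data: quoted_pcr stands in for a verified TPM quote.
DE_TAG = {"country": "DE", "asset": "finance"}
US_TAG = {"country": "US", "asset": "finance"}
HOSTS = [
    {"name": "host-de-1", "claimed_tag": DE_TAG, "quoted_pcr": expected_pcr(DE_TAG)},
    {"name": "host-us-1", "claimed_tag": US_TAG, "quoted_pcr": expected_pcr(US_TAG)},
    # Provisioned in the US, but its reported tag was edited to claim DE.
    {"name": "host-us-2", "claimed_tag": DE_TAG, "quoted_pcr": expected_pcr(US_TAG)},
]
POLICY = {"country": {"DE"}}  # workload must stay in Germany

if __name__ == "__main__":
    print(eligible_hosts(HOSTS, POLICY))
```

Because the check compares against the measured value rather than the reported tag alone, `host-us-2` is rejected even though its claimed tag satisfies the policy.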