OpenStack Shared File Systems Service (Manila)

share-encryption

Registered by kiran pawar

The Manila shares volumes for a virtual machine (VM) are currently not being encrypted. This makes the platforms hosting shares for VMs high value targets because an attacker can break into a share-hosting platform and read the data for many different VMs. Another issue is that the physical storage medium could be stolen, remounted, and accessed from a different machine. This blueprint addresses both of these vulnerabilities

The aim of this blueprint is to provide encryption of the share using vendor supported encryption methods. That is the data is being encrypted on backend storage.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
kiran pawar
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.opendev.org/#/q/topic:bp/share-encryption

Addressed by: https://review.opendev.org/c/openstack/manila-specs/+/898999
    Add spec for share encryption

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.