OpenStack Compute (nova)

Hyper-V Shielded VMs

Registered by Claudiu Belu

If the administrator of a hypervisor host is compromised, all of the existent virtual machine data can be read, which is highly undesirable.

Windows / Hyper-V Server Technical Preview introduced the concept of shielded VMs, offering the users an environment where the protection of the virtual machine data is enhanced against threats like malware, compromised storage, network and even host administrators.

[1] Shielded VMs and Guarded Fabric Validation Guide:
  https://gallery.technet.microsoft.com/Shielded-VMs-and-Guarded-44176db3

[2] Harden the Fabric: Protecting Tenant Secrets in Hyper-V
  https://channel9.msdn.com/Events/Ignite/2015/BRK3457

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Claudiu Belu
Direction:
Needs approval
Assignee:
Claudiu Belu
Definition:
Pending Approval
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/s,n,z

Addressed by: https://review.openstack.org/192892
    Adds Hyper-V Shielded VMs spec

Superseded by: https://blueprints.launchpad.net/nova/+spec/hyper-v-vtpm-devices

Feature is too complex to be included in the hyper-v-vtpm-devices spec, it needs its own blueprint. (claudiub)

Addressed by: https://review.openstack.org/274709
    Adds Hyper-V Shielded VMs spec

Gerrit topic: https://review.openstack.org/#q,topic:bp/implements,n,z

Addressed by: https://review.openstack.org/416166
    Hyper-V: Shielded VMs

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.