Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Visit the OpenStack Summit page for the latest news, registration and hotels.
View analytic
Monday, November 3 • 15:20 - 16:00
Trusted Bare Metal What's That?

Sign up or log in to save this to your schedule and see who's attending!

You are a cloud user who wants bare metal for performance forging the security benefits of virtualization. All the OpenStack services, such as, Nova, Keystone, and Glance, all run on bare metal. At launch time, can we trust that they are free of malware?

Ironic in OpenStack provides support for flashing machines using network boot, PXE/iPXE. We propose modifying Ironic for trusted boot by using a two phase measured launch approach. In Phase 1, measure the Ironic boot loader, and in Phase 2, measure the Glance image we seek to install on the machine. Glance images could carry expected hash values.

The solution described relies on tboot, an open source trusted boot loader, OAT, an open source remote attestation service, Intel TXT technology, and a trusted platform module (TPM).  We round out the talk with a demo illustrating trusted boot.

Contributors: Tan Lin (Intel), Gang Wei (Intel), and Devananda van der Veen (HP)

Speakers
avatar for Dr. Malini Bhandaru

Dr. Malini Bhandaru

Architect, Intel
Malini Bhandaru is a Sr. Cloud Architect with the Open source Technology Center, Intel and has been involved with OpenStack for over three years. Her tenure at Intel spans work on cloud and security, fast encryption algorithms, and Xeon platform power and performance. Prior to Intel she worked on speech recognition, remote monitoring and management, and web applications. She has a Ph.D. in Artificial Intelligence from the Univ. of Massachusetts... Read More →


Monday November 3, 2014 15:20 - 16:00
Room 243

Attendees (85)