A new feature in development for OpenStack Swift improves security by encrypting object data at rest.
OpenStack Swift provides reliable and scalable object storage that has been deployed in many successful production environments. The Swift developer community has recently been working on enhancing Swift’s security by adding the capability to encrypt object content stored on disk. Our goal is to protect data at rest from an attacker who gains physical access to disks. We aim to achieve this with complete transparency to clients, i.e. with no API changes other than optional extensions to support client-provided keys when desired.
This talk will describe and demonstrate this exciting new feature, discuss options for integration with key management services such as Barbican, and look ahead at future work to additionally encrypt account and container metadata.
Attendees will learn about the goals (and non-goals) of Swift encryption, hear about the progress being made towards encryption being enabled in upstream Swift, see a demonstration of object encryption and gain an understanding of the trade-offs with other encryption solutions.