I think this is very interesting and would love to see the code for it. The blueprint mentions performing checks beyond what Open Attestation provides, "add dynamic check to verify memory" - this is probably a stretch goal as process memory verification is extremely complex. I'm not aware of anyone doing it well though I'd love to be corrected on that point. I also wonder how, if working outside of Open Attestation (and I'm assuming outside of TPM) how you will assert that attestations are accurate.
I'm sure the intel guys will have a lot to contribute here and I'm excited to see people working to improve Compute security with cool projects such as this one. -Rob > -----Original Message----- > From: Grant Murphy [mailto:[email protected]] > Sent: 23 June 2014 00:49 > To: OpenStack Development Mailing List (not for usage questions); > [email protected] > Cc: Vasiliy Artemev; David Yuan > Subject: Re: [Openstack-security] [openstack-dev] Periodic Security Checks > > Adding openstack-security to the thread. In case folks on OSSG don't > monitor this list. > > ----- Original Message ----- > > From: "Alexandr Naumchev" <[email protected]> > > To: [email protected] > > Cc: "Amey Ghadigaonkar" <[email protected]>, "Vasiliy Artemev" > <[email protected]>, "David Yuan" > > <[email protected]> > > Sent: Sunday, June 22, 2014 4:33:35 AM > > Subject: [openstack-dev] Periodic Security Checks > > > > Hello! > > We have blueprints here: > > > > https://blueprints.launchpad.net/horizon/+spec/periodic-security-check > > s > > > > and here: > > > > https://blueprints.launchpad.net/nova/+spec/periodic-security-checks/ > > > > And we already have some code. Is it necessary to approve the > > blueprint before contributing the code? In any case, could someone > > review the aforementioned blueprints? > > Thanks! > > > > _______________________________________________ > > OpenStack-dev mailing list > > [email protected] > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > _______________________________________________ > Openstack-security mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
