In our internal research at Rackspace, the number one customer concern around security is Data Protection. While there are many aspects to protecting customer data, encryption is typically a key part of most solutions. This importance can be seen in every compliance regime and a large suite of encryption providers, both open-source and commercial. However, these sources tend to lack technical implementation detail, especially around the hardest part of designing an encryption scheme, key management.
This presentation will cover Cloud Keep, an open source project sponsored by Rackspace to build a secure, Cloud-ready key management solution. We hope to solve a need for our customers as well as other OpenStack projects, several of which have published blueprints around encryption recently (Cinder: https://blueprints.launchpad.net/nova/+spec/encrypt-cinder-volumes, Swift:
https://blueprints.launchpad.net/swift/+spec/encrypted-objects). We will walk through our plans for the system, its technical architecture and demonstrate our current proof of concept implementation.