Encryption w/ Object Classes

Hi, all!

A few weeks ago at the Structure conference, I had a chat with Davi (CCed) about using RADOS object classes to provide encryption capabilities.

The general idea is that RADOS would encrypt objects before storing them. Because the encryption could be done by the OSDs themselves, applications wouldn't require a middleware layer to do it. That might be compelling for some, but it does raise a few concerns:

1) Where would the OSDs store keys? If the keys are stored within RADOS, how can the system prevent those who want to steal data from stealing the keys as well?

2) Would the encryption work be too demanding? Could it affect an OSD's ability to serve requests or perform replication tasks?

3) How could the system deal with multiple keys? Some situations might call for a separate key for each application (or even rgw bucket).

4) How could the system prevent eavesdropping and tampering, given that the data isn't encrypted until it reaches the OSD? Maybe this is most practical when combined with RGW+SSL.

I'm sure that there are answers to these questions (and lots more questions as well).

Davi and I are interested to know if anyone's explored along these lines. If you haven't given this thought before now and you find it interesting, we'd like to know that too!

Cheers,
Ross

--
Ross Turk
Ceph Community Guy
@rossturk @inktank @ceph


