Versions Compared

Old Version 39

changes.mady.by.user Hari C S

Saved on

compared with

New Version 40

changes.mady.by.user srinibas@zededa.com

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Assuming that EVE provides a capability to store some files in an encrypted filesystem, 
a) A user might want to run the Edge Containers out of this secure file system, so that data that is stored by these Edge Containers is stored in encrypted form at rest.   A user might do this is to prevent an attacker from reading the application data if the EVE node is stolen or drive is taken out.
b) A user might also wish to store sensitive parts of EVE configuration (e.g. Image data store credentials), under this secure file system, so that it stays encrypted at rest. 

Possible Approaches

The Security Policy can be at applied at EVE Node level or, Application Level. For easier mangeability,  we are proposing the security policy application at the Node level.

We are exploring two multiple options for implementing such an interface, and we will discuss them in detail below.

...