Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-2798

Ensuring no plaintext data is leaked to the host via network when using CoCo

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Unresolved
    • Icon: Medium Medium
    • None
    • None
    • None
    • None
    • BU Product Work
    • False
    • None
    • False
    • KATA-2603Enhanced protection for data in-use (CoCo)
    • Not Selected
    • 0% To Do, 0% In Progress, 100% Done
    • 0
    • 0

      One of the requirements for a CoCo GA is to ensure no plaintext data is leaked via network. 

      This requires understanding the different network communication channels between the CoCo components and how to secure them.

       

      Goal

      Ensure all network communication between worker node and peer-pod is encrypted

       

      Requirements

      1. SSH tunnel establishment between worker node and peer-pod
      2. Provisioning of keys for tunnel establishment

       

      Acceptance criteria

      1. Ability to deploy peer-pod using ssh tunnel 

       

       

            bpradipt Pradipta Banerjee
            bpradipt Pradipta Banerjee
            David Hadas
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: