Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-2798

Ensuring no plaintext data is leaked to the host via network when using CoCo

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Unresolved
    • Icon: Medium Medium
    • None
    • None
    • None
    • None
    • BU Product Work
    • False
    • None
    • False
    • KATA-2603protection for data in-use (CoCo)
    • Not Selected
    • 0% To Do, 0% In Progress, 100% Done
    • 0
    • 0

      One of the requirements for a CoCo GA is to ensure no plaintext data is leaked via network. 

      This requires understanding the different network communication channels between the CoCo components and how to secure them.

       

      Goal

      Ensure all network communication between worker node and peer-pod is encrypted

       

      Requirements

      1. SSH tunnel establishment between worker node and peer-pod
      2. Provisioning of keys for tunnel establishment

       

      Acceptance criteria

      1. Ability to deploy peer-pod using ssh tunnel 

       

       

              bpradipt Pradipta Banerjee
              bpradipt Pradipta Banerjee
              David Hadas
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: