img
Home > Design Patterns > Cloud VM Platform Encryption

Cloud VM Platform Encryption (Cope, Erl)

How can VM backups, snapshots, and live migration be secured?

Cloud VM Platform Encryption

Problem

VM backups, snapshots and live migration create files that encapsulate the entire VM. These files can then be copied or moved outside the application that the cloud consumer controls, making them vulnerable to attacks.

Solution

Encrypted containers are provided for use and storage of the various types of VM backups and replications.

Application

A key manager is used to manage keys for encryption of the various types of VM storage that are pre-provisioned to receive backups and snapshots of consumer VMs or to receive replications and live migrations.
Cloud VM Platform Encryption: Pre-configured VMs encrypted with consumer controlled encryption.

Pre-configured VMs encrypted with consumer controlled encryption.

Cloud VM Platform Encryption: Key management and the Cloud VM Platform Encryption pattern.

Key management and the Cloud VM Platform Encryption pattern.

CloudSchool.com Cloud Certified Professional (CCP) Module 7: Fundamental Cloud Security
CloudSchool.com Cloud Certified Professional (CCP) Module 8: Advanced Cloud Security

This mechanism is covered in CCP Module 7: Fundamental Cloud Security and
in Module 8: Advanced Cloud Security.

For more information regarding the Cloud Certified Professional (CCP) curriculum, visit www.arcitura.com/ccp.

Cloud Computing Design Patterns

The architectural model upon which this design pattern is based is further covered in:

Cloud Computing Design Patterns by Thomas Erl, Robert Cope, Amin Naserpour

(ISBN: 9780133858563, Hardcover, ~ 528 pages)

For more information about this book, visit www.arcitura.com/books.