Home > Mechanisms > Geotag



A geotag is a data receptacle in a trusted platform module (TPM) that holds geolocation attributes and provides the mechanism with geolocation capability. Geolocation tagging is initiated by a cloud administrator when the server is first provisioned in the data center. This allows a cloud consumer to specify the location(s) where a workload should be placed, and to verify whether virtual servers and workloads are running in the correct geographic location. The geographic location determination capability supports many industry regulatory compliance requirements. Figure 1 shows the geotag data item initialized with a GPS location.

Figure 1 - A geotag data item within a TPM

Geotags can provide extensions to Trusted Cloud Resource Pools, allowing pooling of hardware at provision time in the same geolocation. Trusted Cloud Resource Pools meet the requirements for workloads to be handled by secure VMs, including entering or leaving certain geographic regions. Compliance with data residency regulations can be complex for enterprises with very distributed cloud deployments.

Related Patterns: Cloud Certified Professional (CCP) Module 7: Fundamental Cloud Security Cloud Certified Professional (CCP) Module 8: Advanced Cloud Security

This mechanism is covered in CCP Module 7: Fundamental Cloud Security and
in Module 8: Advanced Cloud Security.

For more information regarding the Cloud Certified Professional (CCP) curriculum, visit

Cloud Computing Design Patterns

This cloud computing mechanism is also covered in:

Cloud Computing Design Patterns by Thomas Erl, Robert Cope, Amin Naserpour

(ISBN: 9780133858563, Hardcover, ~ 528 pages)

For more information about this book, visit