Encrypted VM's (was Re: OT: Cloud Computing is coming to ...)

[Michael Semcheski]

On Tue, Jul 20, 2010 at 2:27 PM,  <J.Witvliet at mindef.nl> wrote:
> Just in general, what's the point in having server-disks (either local or "in-the-cloud" encrypted?
> As soon as you start them up, all we be de-crypted and your system is only protected by normal security measures.
>
> Only usefull purpose might be to give each user their own encrypted backup-storage.
> Something like a remote-tape-device...

Well, you don't have to store the encryption key with the server.
That means you might have to provide the key when the server boots up,
and obviously that could be problematic (especially in a remote
location.)  But it would supplement the physical security of the
server, and prevent someone with unauthorized access from booting with
a live CD and copying data out, or just stealing the server to get to
the data.

But generally I agree with your point.