{{Header}}
{{title|title=
{{project_name_long}} for Cloud
}}
{{#seo:
|description={{project_name_short}} in the cloud - Development Considerations
}}
{{intro|
{{project_name_short}} in the cloud - Development Considerations
}}
= Virtualization Technology =
* docker based or KVM based?

= Build Script TODO =
* If docker based:
** create a docker filesystem tar.xz
** dockerfile Whonix-Gateway
** dockerfile Whonix-Workstation
** docker virtual internal networking
* If kubernetes based:
** kubernetes pod yaml
** internal networking?

= Misc TODO =
* preseed [[Anon Connection Wizard]] for non-interactive mode
* systemcheck fixes to support new virtualizer
* [[Dev/Leak_Tests|leak testing]]
* static networking vs DHCP
* DHCP
** needed?
** outside?
** find a security review contractor
* create a cloud-support package which contains cloud specific configuration tweaks

= Cloud TODO =
* cloud interface switch network button
* cloud interface different speed / anonymity choices
* kubernetes switch network

= Anonymizer =
* Working codenames:
** Default Tor (just "normal" Tor)
** Fast Tor (
** Own Tor (self-hosted Tor network)
*** How to stop freeloaders?
* Why Tor?
** Tor supports transparent proxying
** supports nodes config

= Legal Documents =
* Existing documents can be re-used.

= Sponsorship =
* honest documentation in the usual style: what if xyz, how secure, less secure, more secure, etc.
* homepage, [[Download]] page gets a cloud button
* main sponsor
* reputation instead of hand waving
* continuous support for future version support
* cooperation agreement
* oversight
* access to developers
* access to tickets
* advisory
* monitor and confirmation of progress

= Secure Cloud Hardware TODO Research List =
== RAM Encryption ==
* PrivateCore
** https://en.wikipedia.org/wiki/PrivateCore
** https://privatecore.com/vcage/index.html
* Microsoft
** https://learn.microsoft.com/en-us/windows/security/information-protection/pluton/microsoft-pluton-security-processor
** https://azure.microsoft.com/en-us/products/key-vault/
** https://azure.microsoft.com/en-us/solutions/confidential-compute/#solution-architectures
** https://www.microsoft.com/en-us/research/project/microsoft-seal/
* Google
** https://cloud.google.com/security-key-management
** https://cloud.google.com/confidential-computing
* raptorengineering
** https://www.raptorengineering.com/TALOS/documentation/integrimon_intro.pdf
** https://www.raptorengineering.com/TALOS/security_features.php
** https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/talos-fpga-functions-and-responsibilities-part-1
** https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/talos-fpga-functions-and-responsibilities-part-2
** https://www.integricloud.com/
* HashiCorp
** https://www.vaultproject.io/
* Thales
** https://cpl.thalesgroup.com/cloud-security
* AWS
** https://aws.amazon.com/security/cryptographic-computing/
** https://aws.amazon.com/clean-rooms/features/
* https://en.wikipedia.org/wiki/Key_Management_Interoperability_Protocol
* KVM
* pKVM - protected KVM
** https://lwn.net/Articles/890224/

== Homomorphic Encryption ==
* https://en.wikipedia.org/wiki/Homomorphic_encryption
* Microsoft
** https://learn.microsoft.com/en-us/azure/architecture/solution-ideas/articles/homomorphic-encryption-seal
* AWS
** https://aws.amazon.com/security/cryptographic-computing/

[[Category:Design]]
{{Footer}}