Light

redhat-et / edge-security-demo Goto Github PK

License: Apache License 2.0

Dockerfile 24.21% Python 65.41% Shell 7.75% HTML 2.63%

edge-security-demo's Introduction

Edge, AI & Security Demo

This repository contains the files and documentation to perform the joint Edge / AI, Security demo developed within OCTO, Emerging Technologies.

The demo consists of an Edge / AI based application. The application streams video content that is processed by tensorflow monitored with the streams rendered onto a master media machine over HTTP.

Each streaming application will be run in an OpenShift pod.

Two OpenShift nodes (virtual machine based) will be present to run the Edge AI pod. Keylime will monitor both OpenShit nodes and all containers running in the pod.

One of the Nodes will be compromised / hacked. When this happens, Keylime will sense the breach. It will then inform the controller to migrate the pod to the second node and will have all containers perform actions to blacklist the compromised node.

The user will experience this as the video feeds continuing service while the pod migrates to a non compromised environment.

edge-security-demo's People

Contributors

Stargazers

Watchers

Forkers

axelsimon astoycos mpeters ayushambastha font cereallkiller

edge-security-demo's Issues

AI / Edge workload / app setup.

Media streamer centre.

This would be the webserver (flask) that shows video.

This is pushed ceph.

Revocation Scripts for Keylime

Kubernetes Setup

Nested deployment of K8s / Open Shift

Start with k8s and openshift if possible.

1 x VM for set up of cluster master
2 x VM for set up of nodes

keylime verifier / registrar deployment / setup (on single VM).

Keylime k8s deployment

Keylime agent

K8s setup

deployment.yaml

Deploying Keylime:

Setup script for tpm, systemd:
https://github.com/keylime/keylime/tree/master/services
keylime.conf
** ip address of verifier and registrar

Create k8s cluster that can also have Keylime installed on the hosts

We need a Kubernetes cluster (preferably OCP, but can fall back to K8s on GKE or something similar if needed) where we can run some part of the Keylime infrastructure (registrar, verifier, etc) on the hosts themselves (not running as a container). Other parts of the demo will run as containers (keylime_agent, application pods, etc) but that will be pretty standard.

https://github.com/redhat-iot/iot-dev

Where do we host demo?

PSI?

Revocation Scripts

We need to decide on what will happen when a machine fails.

We need to design revocation events and develop the scripts.

Possible solutions include:

Shutdown machine that has failed

Terminate connection.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.