Introduction

For a VM image to successfully integrate into the tiCrypt environment, the VM image must run correctly the tiCrypt VM Controller and register the VM with the tiCrypt infrastructure. Failure to do so will result in the VM being killed by the tiCrypt backend for security reasons.

In the rest of the document, we’ll use the following terms:

VM

A virtual machine that emulates real hardware such as CPUs and drives, and will boot from a VM Image.

VM Image

The boot drive of a VM. It provides the base operating system, fully installed, and set up.

VM Brick

The tiCrypt specification of hardware setup and a VM Image

UUID

Universal unique identifier, an ID that is guaranteed to be unique

Websocket

A continuous, long-running communication channel to a web server.

Bitlocker

Windows full disk encryption

LUKS

Linux full disk encryption

tiCrypt Stub

Program running on the VM that bootstraps the tiCrypt security mechanism. It also watches and restarts the tiCrypt VM Controller in case of crashes or updates

tiCrypt VM Controller

Program running on the VM that controls the VM on behalf of the user and ensures/enforces all the security mechanisms

tiCrypt Controller Server

tiCrypt component that provides the global configuration file and the latest version of the tiCrypt VM Controller.

VM​

VM Image​

VM Brick​

UUID​

Websocket​

Bitlocker​

LUKS​

tiCrypt Stub​

tiCrypt VM Controller​

tiCrypt Controller Server​

VM