A geotag is a data receptacle in a trusted platform module (TPM) that holds geolocation attributes and provides the mechanism with geolocation capability. Geolocation tagging is initiated by a cloud administrator when the server is first provisioned in the data center. This allows a cloud consumer to specify the location(s) where a workload should be placed, and to verify whether virtual servers and workloads are running in the correct geographic location. The geographic location determination capability supports many industry regulatory compliance requirements. Figure 1 shows the geotag data item initialized with a GPS location.
Figure 1 - A geotag data item within a TPM
Geotags can provide extensions to Trusted Cloud Resource Pools, allowing pooling of hardware at provision time in the same geolocation. Trusted Cloud Resource Pools meet the requirements for workloads to be handled by secure VMs, including entering or leaving certain geographic regions. Compliance with data residency regulations can be complex for enterprises with very distributed cloud deployments.