Looking back ten years: Another Cypherpunks failure (fwd)

[lynn.wheeler at firstdata.com]

there is another issue here in the corporate world. The issue is
availability of corporate assets. One particular study that showed it up
had to do with budiness that had no backup of critical disk and that disk
had a failure .... 50 percent of such occurances resulted in the company
declaring bankruptcy within 30 days.

The whole migration of critical business assets out of the enterprise
glasshouse environment to various corporate desktops has highlighted the
fact that more or more critical corporate assets are represented by that
data (simple example can be customer invoices & billing data).

Enterprises that are doing backup of critical data that is shipped off-site
as part of disaster/recovery scenarios are starting to find that such
backups require encryption (if not the original data stored on disk). The
quandrary then is the possible loss of the capability of decrypting the
data when necessary (aka replicated keying material stored in multiple safe
locations).

random ref:
http://www.securefs.com/ Secure File System

The Secure File System (SFS) is a joint project between the University of
Minnesota and StorageTek which aims to provide an easy to use cryptographic
file system. It allows you to store your files securely on remote sites
using normal networking protocols (FTP, HTTP, NFS, etc.). You can store
your files anywhere without worry of unauthorized access. SFS allows
distributed control of protected information through the use of a group
server which is responsible for all file access controls.

SFS currently uses smartcards, through MUSCLE software, for authentication
and signature purposes. We are currently using Linux with a patched version
of UFO, a user-space program that allows us to treat FTP, HTTP, etc. sites
as local filesystems. This patched version allows us to catch any file
requests and send them to another program to determine if they need to be
de/ encrypted. A diagram of the overall operation is available as a PDF
file or GIF. Note: Entire project source code will be available including
cryptographic routines. Our revised paper which was submitted to the USENIX
Security Symposium is also available in ps and pdf formats.



jei <hei at cc.hut.fi> on 1/27/2002 6:27 am wrote:


GET #2 is disk encryption.  Yes, it sounds so simple, but it is a
Great Tabboo, and this time there are no excuses.  None.  You don't
need any network effects.  Regulators in the US have little they can
do about it.  There are about half a dozen great Open Source OSes to
work on.  And yet there is nothing.






---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com