encrypted tapes (was Re: Papers about "Algorithm hiding" ?)

astiglic at okiok.com astiglic at okiok.com
Wed Jun 8 13:33:45 EDT 2005


"Ken Buchanan wrote:"
> There are a number of small companies making products that can encrypt
> data in a storage infrastructure, including tape backups (full disclosure:
> I work for one of those companies).  The solutions all involve appliances
> priced in the tens of thousands.  The costs come not from encryption (how
> much does an FPGA cost these days?), but from solving the problems you
> listed, plus some others you didn't.
>
> Now that the benefit of storage encryption is clearer, tape vendors
> (StorageTek, HP, IBM, etc) are almost certainly looking at adding
> encryption capability into their offerings.

Another area where I predict vendors will (should) offer built in
solutions is with database encryption.  Allot of laws require need-to-know
based access control, and with DBA's being able to see all entries that is
a problem.  Also backups of db data can be a risk.
Oracle, for example, provides encryption functions, but the real problem
is the key handling (how to make sure the DBA can't get the key, cannot
call functions that decrypt the data, key not copied with the backup,
etc.).
There are several solutions for the key management, but the vendors should
start offering them.

--Anton


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list