[PLUG] Secure filesystem?

Percival, Ray Ray.Percival at summit.fiserv.com
Tue Nov 19 21:37:03 UTC 2002


Alex,

Crypto is the answer to the questions you have asked. Learn how to use it and implement it. If the data is that important you will have to educate your lusers anyway. 

-----Original Message-----
From: Alex Daniloff 
Sent: Tuesday, November 19, 2002 1:38 PM
To: plug at lists.pdxlinux.org
Subject: Re: [PLUG] Secure filesystem?


Hello,

> 
> The first question is why are you seeking to do this?  Are you, per 
> chance, trying to comply with HIPAA? :-)  If you're motivated by 
> external requirements, it may be better to ask how others are
solving 
> this specific problem instead of asking about a generic solution.
> 

I'm not trying to comply with anything. This solution should solve
data security problems in some business operations.


> The second question is if you're comingling requirements.  Do you
really 
> need to have combined encryption and access control?  Or can you 
> separate them - handle encryption entirely on a closed file server 
> (protecting the disk from mirroring), and use standard access
control 
> tools to limit access?  Or do you need to protect the data in
transit, 
> which means you need something like NFS-over-SSH or SMB+SSL?  Or
perhaps 
> you can use a standard file server since the files are stored and
sent 
> in ciphertext, and all decryption is done by the individual client.

Imagine situation, when burglars,FBI,CIA or other crooks are breaking
into your office and taking your server or hard drive away to look
into your secret data files.
What method of data protection should be chosen in this situation
besides glueing a brick of dynamite to the each hard drive? :)
Securing data in transit is also very important, but there are many
different concepts were developed already to cover this area.

Alex

_______________________________________________
PLUG mailing list
PLUG at lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug






More information about the PLUG mailing list