ADSM-L

Encryption

1994-11-09 14:58:25
Subject: Encryption
From: Mickey Bennett <mbennet AT MBENNET.DOA.STATE.LA DOT US>
Date: Wed, 9 Nov 1994 13:58:25 CST
>
>1.  Should ADSM allow for keys to be changed on a time basis?

Not a requirement

>2.  Should ADSM administrators set the keys and provide to end users, end
>    users only set the keys, a combination of above under admin control, etc?

Control at Admin level is sufficient

>3.  If keys are allowed to be changed, then is the user/site willing to
>    sign up for prompting the end user to enter key-1, key-2, ... key-n
>    for all files to be restored?

Prompting O.K. for restore (only for *encrypted* data)

>4.  Is encryption just needed for transmission and not storage?  ie:
>    encrypt the data over the wire with the session key, but decrypt it before
>    it is stored since the physical media is protected?  Are sites willing
>    to take the performance penalty for the dual encryption?
>

It is not *necessary* for ADSM to encrypt data when stored (the physical media
*is* protected via existing mainframe security), but we would *not* want an
unnecessary performance penalty . . .  i.e.: stored as encrypted is tolerable.

*-*-*-*-*-*-*-*-*-*-*
Type of Business:  State Government

Mickey Bennett       Info. Sys. Technical Support Specialist 3
State of Louisiana                 Voice: (504) 342-5165
D.O.A./O.I.S.  Software Support   FAX:   (504) 342-5137
P.O. Box 44335
Baton Rouge, LA  70804     Email:  Mickey AT mbennet.doa.state.la DOT us
<Prev in Thread] Current Thread [Next in Thread>