Encryption
1994-11-09 14:58:25
>
>1. Should ADSM allow for keys to be changed on a time basis?
Not a requirement
>2. Should ADSM administrators set the keys and provide to end users, end
> users only set the keys, a combination of above under admin control, etc?
Control at Admin level is sufficient
>3. If keys are allowed to be changed, then is the user/site willing to
> sign up for prompting the end user to enter key-1, key-2, ... key-n
> for all files to be restored?
Prompting O.K. for restore (only for *encrypted* data)
>4. Is encryption just needed for transmission and not storage? ie:
> encrypt the data over the wire with the session key, but decrypt it before
> it is stored since the physical media is protected? Are sites willing
> to take the performance penalty for the dual encryption?
>
It is not *necessary* for ADSM to encrypt data when stored (the physical media
*is* protected via existing mainframe security), but we would *not* want an
unnecessary performance penalty . . . i.e.: stored as encrypted is tolerable.
*-*-*-*-*-*-*-*-*-*-*
Type of Business: State Government
Mickey Bennett Info. Sys. Technical Support Specialist 3
State of Louisiana Voice: (504) 342-5165
D.O.A./O.I.S. Software Support FAX: (504) 342-5137
P.O. Box 44335
Baton Rouge, LA 70804 Email: Mickey AT mbennet.doa.state.la DOT us
|
|
|