ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] TDPO and encryption

2007-03-22 16:00:09
Subject: Re: [ADSM-L] TDPO and encryption
From: Neil Rasmussen <rasmussn AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 22 Mar 2007 12:59:33 -0700 
Encryption is supported through the TSM API starting at 5.3. To set it up
with DP Oracle/RMAN you need to make the following changes in your dsm.sys
for the DP Oracle stanza, for instance:


enableclientencryptkey   yes
encryptiontype                   AES128
include.encrypt                  /adsmorc/.../*

This assumes that your TDPO_FS is 'adsmorc' (the default) and that you
want all Oracle backups to be encrypted.


Regards,

Neil Rasmussen
Software Development
Data Protection for Oracle
rasmussn AT us.ibm DOT com




Hans Christian Riksheim <HCR AT STERIA DOT NO>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
03/22/2007 02:24 AM
Please respond to
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>


To
ADSM-L AT VM.MARIST DOT EDU
cc

Subject
TDPO and encryption






Hi,

does anyone have any experience with rman/tdpo and encryption?

I have not found any detailed information on how to implement it and the
redbook from 2001(Backing up Oracle using TSM) does not mention it.

I have learned that there are two ways of doing it:

Client handles encryption through the API. Here I have not seen how to
set this up with RMAN.


API handles it transparently and stores the key on the TSM-server. I
haven't fully understood the security implications of this method. I
don't understand how this method can be as secure as for example
BA-encryption where the key is held by the administrator of the client.


Anyway, any tip on how to do it or pointers to information is much
appreciated.


Best regards

Hans Chr. Riksheim


<html><body><br /><br /><br /><font face="Arial" size="1"><hr>This email
originates from Steria AS, Biskop Gunnerus' gate 14a, N-0051 OSLO,
http://www.steria.no. This email and any attachments may contain
confidential/intellectual property/copyright information and is only for
the use of the addressee(s). You are prohibited from copying, forwarding,
disclosing, saving or otherwise using it in any way if you are not the
addressee(s) or responsible for delivery. If you receive this email by
mistake, please advise the sender and cancel it immediately. Steria may
monitor the content of emails within its network to ensure compliance with
its policies and procedures. Any email is susceptible to alteration and
its integrity cannot be assured. Steria shall not be liable if the message
is altered, modified, falsified, or even edited.</font></body></html>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] TDPO and encryption, Allen S. Rout
Next by Date:  Re: [ADSM-L] Running both 32- and 64-bit TDPOracle on same machine, Neil Rasmussen
Previous by Thread:  Re: [ADSM-L] TDPO and encryption, Allen S. Rout
Next by Thread:  Re: [ADSM-L] TDPO and encryption, Prather, Wanda
Indexes:  [Date] [Thread] [Top] [All Lists]