Re: [ADSM-L] Tape Encryption
2015-07-08 16:05:05
The TSM Redbook found at http://www.redbooks.ibm.com/redbooks/pdfs/sg247505.pdf
has a chapter on TSM managed tape encryption and how it is handled.
David
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of
McWilliams, Eric
Sent: Wednesday, July 08, 2015 2:50 PM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: [ADSM-L] Tape Encryption
We are currently encrypting our data as it is being written to tape. The
auditors want to know how the encryption keys are managed. All I can find is
that the keys are managed by the Tivoli Storage Manager.
Does anyone have any documentation that explains how the keys are managed and
what keeps someone from decrypting a tape that is lost or stolen?
tsm: >q dev ltodevc f=d
Device Class Name: LTODEVC
Device Access Strategy: Sequential
Storage Pool Count: 1
Device Type: LTO
Format: DRIVE
Est/Max Capacity (MB):
Mount Limit: DRIVES
Mount Wait (min): 60
Mount Retention (min): 60
Label Prefix: ADSM
Drive Letter:
Library: MEDSLIB
Directory:
Server Name:
Retry Period:
Retry Interval:
Twosided:
Shared:
High-level Address:
Minimum Capacity:
WORM: No
Drive Encryption: On
Scaled Capacity:
Primary Allocation (MB):
Secondary Allocation (MB):
Compression:
Retention:
Protection:
Expiration Date:
Unit:
Logical Block Protection: No
Last Update by (administrator):
Last Update Date/Time: 12/08/2014 13:14:44
Volume Name: XXXXXXX
Storage Pool Name: TAPEPOOL
Device Class Name: LTODEVC
Estimated Capacity: 2.3 T
Scaled Capacity Applied:
Pct Util: 100.0
Volume Status: Full
Access: Read/Write
Pct. Reclaimable Space: 0.0
Scratch Volume?: Yes
In Error State?: No
Number of Writable Sides: 1
Number of Times Mounted: 1
Write Pass Number: 1
Approx. Date Last Written: 07/02/2015 05:16:24
Approx. Date Last Read: 07/02/2015 05:16:24
Date Became Pending:
Number of Write Errors: 0
Number of Read Errors: 0
Volume Location:
Volume is MVS Lanfree Capable : No
Last Update by (administrator):
Last Update Date/Time: 06/30/2015 18:17:40
Begin Reclaim Period:
End Reclaim Period:
Drive Encryption Key Manager: Tivoli Storage Manager
Logical Block Protected: No
Thanks
Eric
**********************************************************************
*** CONFIDENTIALITY NOTICE ***
This message and any included attachments are from MedSynergies, Inc. and are
intended only for the addressee. The contents of this message contain
confidential information belonging to the sender that is legally protected.
Unauthorized forwarding, printing, copying, distribution, or use of such
information is strictly prohibited and may be unlawful. If you are not the
addressee, please promptly delete this message and notify the sender of the
delivery error by e-mail or contact MedSynergies, Inc. at postmaster AT
medsynergies DOT com.
|
|
|