Re: Backup software; Legato vs. Veritas?
At 09:59 AM 1/5/00 -0800, Jurgen Botz wrote:
> [...]
>As for encryption... I have long been puzzled that most backup
>software does not have this feature. It seems a major weak link in
>any data security scheme to have unencrypted backups. Yeah, you
>can put your tapes in a vault, and should, but since you're likely
>to have so many of them and ship some off-site, etc., they seem
>much harder to keep secure than the disks the data came off of.

One of the sessions I attended at LISA 99 hammered home in my mind
that cryptosystem design and implementation is WAY harder than
selecting the right cryptographic algorithm to encode the data.
It does no good to encrypt the data if the key (mis)management
discloses a key. (ref: disclosure of DVD encryption)

For that matter, encryption does no good in a restoration
situation if the required key is lost, preventing access to the
backup copies of data.

It's also not clear to me that encryption will be wildly effective
if a black hat obtains a backup tape, because he's going to be able
to hit it with all his resources in private.

If the security of your data is sufficiently important to warrant
the investment of the time and effort to design a solid cryptosystem
to protect it from disclosure if the tapes fall into the wrong hands,
I suspect that a fraction of that investment spent first to ensure
proper physical handling and protection of the tapes would be
significantly more effective, both in absolute protection and in
value for governmental currency unit.

In summary, I think it's a whole lot easier to implement proper
physical handling than to go the crypto way.

In fact, I think proper physical handling of the keys would have to
be designed for a crypto solution, anyway. Why not do it first for
the tapes, and analyze what risks remain?

Rich
Richard C. Dempsey email: dempsey@kodak.com
Public Online Services pager: 716-975-3539
11th Floor, Bldg 83, RL phone: 716-477-3457
Eastman Kodak Company fax: 716-722-3885
Rochester, NY 14650-2203