On Wed, Jun 08, 2005 at 01:33:45PM -0400, [EMAIL PROTECTED] wrote: | | "Ken Buchanan wrote:" | > There are a number of small companies making products that can encrypt | > data in a storage infrastructure, including tape backups (full disclosure: | > I work for one of those companies). The solutions all involve appliances | > priced in the tens of thousands. The costs come not from encryption (how | > much does an FPGA cost these days?), but from solving the problems you | > listed, plus some others you didn't. | > | > Now that the benefit of storage encryption is clearer, tape vendors | > (StorageTek, HP, IBM, etc) are almost certainly looking at adding | > encryption capability into their offerings. | | Another area where I predict vendors will (should) offer built in | solutions is with database encryption. Allot of laws require need-to-know | based access control, and with DBA's being able to see all entries that is | a problem. Also backups of db data can be a risk. | Oracle, for example, provides encryption functions, but the real problem | is the key handling (how to make sure the DBA can't get the key, cannot | call functions that decrypt the data, key not copied with the backup, | etc.). | There are several solutions for the key management, but the vendors should | start offering them.
I would argue that the real problem is that encryption slows large searches (is percieved to slow large searches, anyway.) Adam --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]