One use case is backups. If someone can access a backup outside of the controls the system it resides on employs they could not compromise the data. Consider potential data services that host backups offsite for instance. Your protecting your data while entrusting someone with ensuring its available
That’s a strong use case I think Matt Hogstrom +1 (919) 656-0564 > On Aug 3, 2019, at 12:48, Cameron Conacher <conac...@gmail.com> wrote: > > Hello everyone, > I have a curiousity question about Pervasive Encryption. > If we are already protecting resources with RACF, what additional benefit > do we get from Pervasive Encryption? I think it is a good idea, since > encrypted data lets me sleep better. Pervasive Encryption appears to be > very simple to implement. > My understanding (which may be incorrect) is that RACF will be used to > control encryption key access based on dataset profile rules and RACF rules. > If a RACF ID does not have access to the encryption keys then they cannot > access the dataset. > But at the same time, if a RACF ID does not have access to the dataset, > they cannot access it. > > So, if the underlying file is encrypted, what addition security is in place? > Maybe if someone breaks into the data centre and steals the disk drives? > > If a hacker gets a RACF ID, and the RACF ID allows them to access the > dataset, then they can read the data. > But, isn't that where we are today? No RACF ID = no access. > > Obviously I am missing something here. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
