> Am Freitag, 6. Februar 2009 02:09:09 schrieb David Bear: >> Has there ever been much discussion on created encrypted volumes? These >> would work like a local encrypted file system - without they key, they are >> useless. I'm thinking that you might need an fs setkey or something like >> that to insert the key into the cache manager.. fs mkmount could have a >> switch that would specify it was an encrypted volume.. >The problem is that volumes in AFS are not mounted and unmounted all the time. >The are mounted into the tree once and are usually available anytime. To >prevent access to sensitive files, use ACLs. >Things like ecryptfs, truecrypt or LUKS only protect data as long as the >volume is _not_ mounted. Once mounted, normal Unix access permissions or ACLs >apply. So what you could do is to create encrypted vice partitions and put >volumes with sensitive data onto those, so that in case of theft or whatever >the data cannot be read by the attacker. Sorry, but I think you see this from the wrong angle. The point I think here is to protect sensitive data even against admins, the guys who can read /vicep* anyway...
Having said this, it is clear the encryption has to be on the client side. Thus I guess a way to implement this could be : * each Volume has an attribute "encryption-UUID" if the Volume is not encrypted this value is just empty. * A client can have multiple encryption-keys wich are set with "fs setkey -uuid=blah -passphrase=blahblah -alg=superblah" * if the client wants to read from a volume which has an "encryption-UUID" it looks into it's internal table for this UUID and tries to encrypt it with the matching parameters, if there's no such entry it just returns the raw data. I haven't thought about how to implement this *really*, but I hope this could continue the discussion... T/Christof BTW: this could be "easily" extended to the directory- or file-level... _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
