LISTSERV - HP3000-L Archives

HP3000-L Archives

July 2007, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L July 2007, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Data Encryption on TurboImage/MPE
From:	Tracy Johnson <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Fri, 13 Jul 2007 21:36:42 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (125 lines)

I just find it funny that all of a sudden after 60 odd years of computers there is 
a sudden need for encrypting data where it resides.  It still begs the question of 
lack of access control.

If the hypothetical HR Dept. has its data on a host, and the hypothetical Shipping 
Dept. has access to HR's data, what kind of access control is that?

I recall upon receipt of my set of rainbow books in the early 1980's and a 
discussion of the (then theoretical) "Class A1" trusted information system holding 
the highest levels of classified data:

"A blackboard with something written on it can be a Class A1 trusted information 
system.  All you need to do is put it in a locked room and have users sign in and 
out at the door where the armed guard is."

Taking away the armed guard and lowering the Trusted Criteria a bit, what I 
understand is being wanted here, is to require users to decode gibberish written 
on the blackboard AFTER they have already been let in!

If you see my point, it is far more practical, (if not as efficient) to encrypt 
data as it is being transmitted, to and from a host and decrypted upon receipt. 
If a key is lost, you may always transmit again using a new key.

There is also additional risk if the data is encrypted on the host.  If you've 
lost the key, you've lost everything.

Encrypting data at the host DOES have it's uses.  On a PC where there is no access 
control and the hard drive can be compromised easily, such as at home, or in 
airline baggage, host encryption makes sense and the user counts on it.  But that 
user also runs the same risk if he forgets the key.

I think the key here are differences between multiuser hosts and PCs.  The line 
became blurred when they starting using PCs as multiuser servers and basic 
concepts of security became lost.

[log in to unmask] wrote:
> First you need to know what the confidentiality parameters of the data
> to be encrypted are.  There is no description of the problem, which
> makes most of this discussion nebulous.
> 
> What is the cost of loss of confidentiality?  How would your business
> be affected by the exposure of the information?
> 
> What is the value of the information to parties that would seek the
> information?  Who are they?   What resources can they bring to bear?
> 
> Where are your vulnerabilities?  Are there more cost effective ways to
> ensure confidentiality than encryption?
> 
> How do you secure the encryption keys from unauthorized access?  Is
> detection of key exposure and duration important?  Cost per unit of
> time of exposure?  How do you recover (i.e. re-encrypt data)?  What is
> the cost of recovery?
> 
> Can the encryption key be lost?  If it is lost, can the data be
> recovered?  If the data cannot be recovered, what is the cost to the
> business?
> 
> 
> When and how to encrypt any business data requires at least cursory
> risk analysis.
> 
> A standalone system that contains HR information generally requires
> confidentiality from all other personnel, including tech staff.  One
> of the main uses of encryption.
> 
> Internally networked servers generally do not need encrypted
> communications, depending on network configuration.
> 
> The bottom line is that there is no where enough information presented
> here to say that host data encryption is a waste of time, nor enough
> information to say that any form of transmission of the data warrants
> encryption.  Is this dangerous?  Is this important?  Maybe, maybe not,
> the gross lack of information as to the business reason,
> vulnerabilities, threats, and general consequences of confidentiality
> failure are completely unknown here.
> 
> Pete
> 
> 
> On 7/13/07, Tracy Johnson <[log in to unmask]> wrote:
>> Encryption of data on the host itself is really a waste of time.  
>> Why?  Unless
>> there is no access control at the host?
>>
>> Encryption during transmission between two computers is usually how it 
>> is done
>> because that is when data is vulnerable.
>>
>> Larry Page wrote:
>> > Mark,
>> >
>> > Thank you, for the details. We are looking to encrypt one field in 
>> some of the datsets that we have, i.e encryption of data in the 
>> database. you mention external routines, are there routines readily 
>> available which can be used on the MPE? I agree that AES is a better 
>> encryption procedure, but programming that will be time consuming, it 
>> would be great if there was a pre-tested and packaged routine was 
>> avaialbel for MPE.... could you please share your experience on 
>> this.... that would be very helpful
>> >
>> > -Thank you
>> >

-- 
BT

Tracy Johnson
Justin Thyme Productions
Ye olde free telnet games at:
http://hp3000.empireclassic.com/

NNNN

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU