Re: Who secures Backup tapes? UNIX gurus comment please....

Hi,

 for 'really' secure systems, look at trusted oracle -  afaik only available as 7.3 .

 you might want to check out options on encrypting your disks in  hardware. (i think, ibm has got solutions for that)

 it should not be a big deal to write a little program that  des-encrypts stdin and writes it to stdout.  then you could plug this filter into your tar /export /dd scripts.

 of course, this is a non-standard requirement - you might have a hard  time getting support for that.

 for network traffic - there used to be a 'secure sql*net' option.

Karsten

In article <7vk242$1kg$1_at_centipede.wantree.com.au>,   "MTeehan" <MTeehan_at_DELETEME-wantree.com.au> wrote:
> We have a requirement to make sure that all sensitive data is secure
(8i,
> solaris).
> I see backup tapes as a major potential security hole: many sites use
> contractors to take tapes offsite in trolleys/vans etc. What is
stopping
> someone lifting a tape, restoring it to a machine and (at worst) hex
editing
> and stringing the database files? Especially on high capacity DLT's.
Same
> applies to hot swappable RAID disks.
> We need a solution to allow encryption of sensitive (non indexed)
columns
> using a key generated by a system security server. Preferably by a
third
> party product, probably using pl/sql routines.
> This is the level of security that the rest of the system uses -
> networking, authentication etc so backups should be no exception.
> Government sites, financial sites, HR systems : does anybody have
something
> in place to get around this, or am I missing something here?
>
> Thanks!
> Mark
> (remove NOSPAM if responding)
>
>

Sent via Deja.com http://www.deja.com/
Before you buy. Received on Tue Nov 02 1999 - 08:51:26 CST