Feature

Tape encryption strategies

Ezine

This article can also be found in the Premium Editorial Download "Storage magazine: Salary survey reveals storage skills are in demand."

Download it now to read this article plus other related content.

Large firms need an ETE architecture
Tape-encryption products that provide little more than "antidisclosure" insurance may be in vogue today, but the encryption needs of large organizations will soon move beyond this limited scope. Rather than implement multiple tape-encryption solutions, Enterprise Strategy Group (ESG) believes savvy CIOs will look at a new class of security products we call Enterprise Tape Encryption (ETE). Unlike most self-contained point solutions, ETE is built as a set of encryption services. As such, ETE:

Separates encryption and administrative functions. ETE services like cryptographic processing, key management and administration are discrete objects. By distributing these services, the actual cryptographic processing can be performed on high-speed security processors, while key management and administration can be centralized for operational efficiency and high security. This model will be especially important over time because it offers scale and performance benefits as more data is encrypted. For scalability, today's all-in-one, server-based solution can migrate gracefully to a distributed model over time.

Provides for ease of integration. ETE services are easily accessible to systems that need to encrypt data and the devices that perform the actual encryption operations. ETE acts as encryption middleware with open APIs used for requesting or performing encryption services.

Virtualizes key management.

Requires Free Membership to View

To maintain the availability of critical key-management services, many of today's encryption appliance products must be configured in pairs for failover. Rather than clustering boxes, ETE uses a distributed database built on multiple distributed systems similar to the global Domain Name System (DNS) infrastructure. This architecture increases performance by localizing ETE service requests, thus minimizing latency. It also eliminates any single point of failure; if a local ETE system is offline, the ETE service simply calls another.

Accommodates key sharing. ETE recognizes the need for key sharing among enterprise data centers and business partners. ETE offers multiple technical solutions, including Public Key Infrastructure, Kerberos, shared secret keys and secure decryption utilities.

This was first published in November 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: