Home > Storage Magazine > Columns > Untangling the encryption chain
EMAIL THIS
Storage Magazine

  CURRENT ISSUE  
  FEATURES  
  TOOLS, TRENDS & ANALYSIS  
  COLUMNS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Untangling the encryption chain
by Stephen Foskett
Issue: Oct 2006
printer-friendly
< PREV PAGE   |   1  |   2  |   3  |   NEXT PAGE  >

Building the chain
How can we break up this logjam? Let's look at another arena where encryption is actively being pursued--digital television. Without endorsing encrypted television signals (which I'm opposed to), we can still learn a lesson about how to approach encryption. The "end-to-end" encryption of digital television would still permit decryption and re-encryption at authorized points to allow advanced functions. For example, a future TiVo would receive an encrypted stream, decrypt it, perhaps re-encode or process it, store it and re-encrypt it before sending it to the television.

Let's apply this to storage. If we developed a system that allowed a deduplication engine or storage router to decrypt the data coming in and re-encrypt it after processing, we could enable encryption everywhere in the network. We'd be building a chain of encrypted segments.

Every device in the chain would have to understand the encryption scheme used and share keys to make this work. This would require an advanced key management system and open API to allow different combinations of equipment to interoperate. This last bit sounds like...



a job for the Storage Networking Industry Association (SNIA), but I don't see it happening yet. Maybe a vendor-specific API like NeoScale's will be adopted as a de facto standard.

Of course, there's another possibility. A vendor could engineer its own end-to-end infrastructure with completely integrated encryption at every point. Of course, it would need to have its products everywhere along the chain: software installed on the servers managing the storage, intelligent switches, virtualization appliances and arrays. It would also need some serious encryption and key management expertise.

When EMC bought RSA Security this past summer, many observers were left scratching their heads wondering where the fit was. Some suggested it was simply an opportunistic acquisition, others thought it was a defensive move to keep the company away from Symantec, while a few just threw up their hands and said EMC was crazy. I say the company was crazy like a fox! If anyone could pull off an end-to-end, single-vendor encrypted infrastructure like the one I just described, it would be the combination of EMC and RSA. Maybe encryption will happen after all.

< PREV PAGE   |   1  |   2  |   3  |   NEXT PAGE  >





TechTarget Storage Media
Storage Magazine View this month\\'s issue and subscribe today.
Storage Decisions Apply online for free conference admission.
SearchStorage.com
HomeNewsMagazineTopicsLearningMultimediaWhite PapersBlogsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2000 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts