Practical use of the HP Ultrium LTO4 Tape Drive with encryption

By: Tape4backup

To use the encryption feature of the Ultrium LTO-4 Tape Drive, you must instruct the drive to encrypt or decrypt data and supply the appropriate key.
Encryption is not enabled by default, and the keys are not stored in the drive once power is removed.
The new SCSI commands SPOUT (Security Protocol Out) and SPIN (Security Protocol In) are used to set encryption and to supply the key-associated data, which is used to reference the correct key when restoring data.
There are several ways to implement encryption for tape drives. The following list covers the different methods for completeness; however, not all of these methods are referenced solutions.

Software-based encryption
Software-based encryption encrypts the data before it leaves the server, and keys are stored in the internal database or catalog of the application. This method of encryption places a high load on the server, as the software performs many mathematical operations using host processing power. Several applications, including HP OpenView Storage Data Protector 6.0, offer encryption as a feature. Although the security of data encrypted this way is very high (as the data is encrypted in transit), encrypted data is highly random, so it becomes impossible to achieve any data compression downstream in the tape drive, and storage is therefore inefficient.

Keys managed by the ISV application, also known as in-band key management
The ISV software supplies the keys and manages them, and the Ultrium LTO4 Tape Drive then performs the encryption. Keys are referenced by the key-associated data and stored in the application's internal database. (Please refer to your individual ISV backup application vendor for support of this functionality.)

Native mode encryption
This method controls the LTO4 encryption from within the tape drive library. There is one key, which is set by way of the library management interface (Web GUI or Operator Control Panel). This method encrypts all tapes with the same key, with the downside of negatively impacting the security level.

An in-band encryption appliance
In-band encryption intercepts the Fibre Channel links and encrypts the data in-flight. These products are available from several vendors such as Neoscale and Decru. Key management is from a hardened key management appliance. This method is independent of ISV software and supports legacy tape drives and libraries. Data compression must be performed by these devices, as compression within the tape drive is not possible after encryption.
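The software-based and in-band appliance descriptions above both note that data encrypted upstream can no longer be compressed by the drive. The following added example (not part of the original article) measures that effect on constructed backup-like data; the SHA-256 counter-mode keystream is a toy stand-in for AES so the script needs only the standard library, and all function names are illustrative.

```python
import hashlib
import zlib


def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 in counter mode), a stand-in for AES here."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        chunk = data[block:block + 32]
        out += bytes(a ^ b for a, b in zip(chunk, pad))
    return bytes(out)


def make_sample_backup(rows=4000):
    """Constructed, repetitive CSV-like records of the kind backups contain."""
    lines = [f"{i:08d},customer-{i % 50},status=ACTIVE,region=EMEA\n"
             for i in range(rows)]
    return "".join(lines).encode()


def encrypt_then_compress(key, data):
    """Encryption happens upstream; a later stage then tries to compress."""
    return zlib.compress(keystream_xor(key, data), 9)


def compress_then_encrypt(key, data):
    """Compression runs first and encryption last, so the saving is kept."""
    return keystream_xor(key, zlib.compress(data, 9))


def compare(key=b"\x11" * 32):
    """Return the byte counts for the plain data and both orderings."""
    data = make_sample_backup()
    return {
        "plain": len(data),
        "encrypt_then_compress": len(encrypt_then_compress(key, data)),
        "compress_then_encrypt": len(compress_then_encrypt(key, data)),
    }


if __name__ == "__main__":
    for name, size in compare().items():
        print(f"{name:24s}{size:>10d} bytes")
```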

Key management is a vital component of any cryptographic system. Keys must be generated, stored, and issued as required, and destroyed when no longer needed. Keys for the Ultrium LTO4 Tape Drive encryption function are 256 bits long, with new keys typically issued for each tape. The SCSI initiator sets or unsets the keys, and to accommodate multiple SCSI initiators, which are common in enterprise-level applications, the LTO4 tape drive can hold up to 32 different keys.

Good-practice encryption requires the generation of unpredictable random keys, and realistically this is not a manual task. Some applications use a passphrase system to generate keys, but this can weaken the cryptography. The key is generated by hashing the passphrase with a secret number. However, hashes can be broken if guesses are made for standard English words or names. Modern computer hardware, for example, can break passwords which are produced by a hash algorithm in approximately 15 seconds if standard words are contained in the original password. However, passphrase generation can still be an effective solution in the SMB market, where security of tape is important but a full key management system is expensive and too complicated.

It is also necessary to have a key destruction system for when a tape is no longer in use or is recycled by the backup application. In an enterprise-wide key management unit there may be several thousand keys in use at any one time.
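The key lifecycle described above (a random 256-bit key per tape, lookup by key-associated data at restore time, destruction when a tape is recycled) can be sketched as follows. This is an added example, not code from the article or from HP: the `TapeKeyCatalog` class, the use of a random 12-byte KAD that doubles as the salt, the barcode format and the PBKDF2 work factor are all assumptions, and the passphrase path uses a salted, slow KDF in place of the single hash the article warns about.

```python
import hashlib
import secrets

KEY_BYTES = 32            # LTO-4 keys are 256 bits long
PBKDF2_ROUNDS = 600_000   # assumed work factor for the passphrase option


def key_from_passphrase(passphrase, salt, rounds=PBKDF2_ROUNDS):
    """Stretch a passphrase with a salted, slow KDF rather than one fast hash."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt,
                               rounds, dklen=KEY_BYTES)


class TapeKeyCatalog:
    """Hypothetical in-memory key store: one key per tape, looked up by KAD."""

    def __init__(self):
        self._keys = {}      # KAD (hex string) -> bytearray of key material
        self._by_tape = {}   # tape barcode -> KAD of its live key

    def issue(self, barcode, passphrase=None):
        """Create a new key for a tape and return (kad, key)."""
        if barcode in self._by_tape:
            raise ValueError("tape already has a live key; destroy it first")
        kad_bytes = secrets.token_bytes(12)   # random reference, doubles as salt
        if passphrase is None:
            key = secrets.token_bytes(KEY_BYTES)   # CSPRNG output, preferred
        else:
            key = key_from_passphrase(passphrase, kad_bytes)
        kad = kad_bytes.hex()
        self._keys[kad] = bytearray(key)
        self._by_tape[barcode] = kad
        return kad, key

    def key_for_restore(self, kad):
        """Return the key referenced by the KAD read back for a restore."""
        if kad not in self._keys:
            raise KeyError("no key for this KAD: the tape cannot be decrypted")
        return bytes(self._keys[kad])

    def destroy(self, barcode):
        """Retire a recycled tape's key: overwrite the buffer, then forget it."""
        kad = self._by_tape.pop(barcode)
        material = self._keys.pop(kad)
        material[:] = bytes(len(material))   # best-effort zeroisation
        return kad
```

A production key manager would persist the catalog in protected storage and keep escrowed copies, because a lost key means the tape can no longer be read.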

Cryptography is an extensive subject; this white paper has been written to introduce the basic cryptography ideas and functions providing a greater insight into a practical data protection solution based on the Ultrium LTO4 Tape Drive.
An understanding of cryptography helps to provide confidence in the security of the encryption used and underlines the importance of good key management: losing the key equates to losing the data, as the tapes are no longer accessible.
Standards are important in data protection and enable customers to meet increasing demands for legal compliance by demonstrating that sensitive data is adequately protected. Having industry-standard AES encryption as part of the LTO4 format adds further to the benefits of tape-based backup and archival; tape is now the most economical and one of the most secure forms of archival storage for valuable data. The Ultrium LTO4 Tape Drive delivers both the performance and security features necessary to support the most robust data protection strategy.

For further details and online order, please visit www.tape4backup.com

Article Source: http://articlenexus.com

ShawnPaul, Tape4backup.com, 34972 Newark Blvd, # 501, Newark CA 94560. Tel: 888-491-4949 Fax: 888-449-5050. Visit us at: http://www.tape4backup.com Email us: links@tape4backup.com Copyright © 2005 Tape 4 Backup. All rights reserved. www.tape4backup.com/privacypolicy.php
