Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
security [2018_01_30 17:23] – external edit 127.0.0.1 | security [2019_04_10 18:15] – steven | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | |||
- | |||
- | |||
====== Security ====== | ====== Security ====== | ||
Line 9: | Line 6: | ||
===== 1 Data Center ===== | ===== 1 Data Center ===== | ||
- | |||
- | |||
{{:/ | {{:/ | ||
Line 17: | Line 12: | ||
- | ===== 2 On the wire security | + | ===== 2 Encrypted Data in Motion |
+ | {{:/ | ||
+ | HTTPS is configured by default for all users of the Cloud File Server SaaS users and Appliance. | ||
- | {{:/ | + | A commercial server that uses HTTPS must have a public key certificate issued that verifies the entity. The end-user can verify the entity by clicking on the HTTPS icon from the browser. |
- | HTTPS can be configured for all users of the Cloud File Server Saas users and Appliance. | + | Clients should connect to the File Fabric appliance using a URL that starts with HTTPS. |
+ | Administrators should also connect to storage providers using HTTPS. For storage providers with a fixed endpoint including AWS S3, Azure, Google Cloud Storage the File Fabric always uses HTTPS. | ||
===== 3 Data Security ===== | ===== 3 Data Security ===== | ||
+ | {{:/ | ||
- | {{:/security:steps:sme_3_data_security.png}} | + | Storage Made Easy can be used to encrypt data transmitted to any cloud that is mapped to a user personal, Cloud File Server, or Appliance account. SME uses [[http:// |
+ | * an initial Round Key addition | ||
+ | * Nr-1Rounds | ||
+ | * a final round. | ||
+ | |||
+ | The chaining variable goes into the input and the message block goes into the âCipher Key. The likelihood of recovering a file that has been encrypted using our encryption is fairly remote. The most efficient key-recovery attack for Rijndael is exhaustive key search. The expected effort of exhaustive key search depends on the length of the Cipher Key and for a 16-byte key, 2127 applications of Rijndael; | ||
+ | |||
+ | Any AES-256 decryption tool that supports the Rijndael cipher with 16 byte blocksizes can be used to un-encrypt files. We also provide free desktop decryption tools for [[https:// | ||
- | Storage Made Easy can be used to encrypt data transmitted to any cloud that is mapped to a user personal, Cloud File Server, or Appliance account. SME uses [[http:// | + | The Wiki entry on encryption has further details. |
Line 50: | Line 56: | ||
{{:/ | {{:/ | ||
- | Documents can be securely shared using the SME platform in a number of ways:\\ \\ - Documents can be encrypted on upload using 256 bit AES security. The private key is not stored on the platform and only known by the user.\\ - Private links can be created for documents and these can be combined with passwords to secure the document.\\ - Links can be set to be time expired and/or combined with private links and password for further additional document security. | + | Documents can be securely shared using the SME platform in a number of ways: |
+ | * Documents can be encrypted on upload using 256 bit AES security. The private key is not stored on the platform and only known by the user. | ||
+ | * Private links can be created for documents and these can be combined with passwords to secure the document. | ||
+ | * Links can be set to be time expired and/or combined with private links and password for further additional document security. | ||