Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
security [2019_06_18 15:39] – [11 Data Security] jimsecurity [2019_06_18 16:16] – [2 Encrypted Data in Motion] jim
Line 2: Line 2:
 ====== Security ====== ====== Security ======
  
-SME provides a SaaS and hybrid on-premise Cloud solution which provides unique Cloud federation, governance and management features. This section of the Wiki outlines the security that is inherent within the SME hosted and on-premises appliance +SME provides a SaaS and hybrid on-premises multi-cloud content management solution called the Enterprise File Fabric.  This provides unique federation, governance and data management features. This section of the Wiki outlines the security that is inherent within the SME hosted and on-premises versions of the File Fabric.
 ===== 1 Data Center ===== ===== 1 Data Center =====
  
Line 20: Line 19:
 Administrators should also connect to storage providers using HTTPS. For storage providers with a fixed endpoint including AWS S3, Azure, Google Cloud Storage the File Fabric always uses HTTPS. Administrators should also connect to storage providers using HTTPS. For storage providers with a fixed endpoint including AWS S3, Azure, Google Cloud Storage the File Fabric always uses HTTPS.
  
 +[[https://www.ssllabs.com/ssltest/analyze.html?d=storagemadeeasy.com|Check out]] our online sites using [[https://www.ssllabs.com/index.html|Qualys SSL Labs site check]].
 ===== 3 Encryption Algorithm ===== ===== 3 Encryption Algorithm =====
  
-Storage Made Easy can be used to encrypt data transmitted to any cloud that is mapped to a user personal, Cloud File Server, or Appliance account. SME uses [[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard|AES]]-256 encryption using the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes. The cipher Rijndael consists of:+The Enterprise File Fabric can be used to encrypt data transmitted to any cloud that is mapped to a user personal, Cloud File Server, or Appliance account. The File Fabric uses [[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard|AES]]-256 encryption using the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes. The cipher Rijndael consists of:
   * an initial Round Key addition   * an initial Round Key addition
   * Nr-1Rounds   * Nr-1Rounds
Line 29: Line 29:
 The chaining variable goes into the input€ and the message block goes into the “Cipher Key. The likelihood of recovering a file that has been encrypted using our encryption is fairly remote. The most efficient key-recovery attack for Rijndael is exhaustive key search. The expected effort of exhaustive key search depends on the length of the Cipher Key and for a 16-byte key, 2127 applications of Rijndael; The chaining variable goes into the input€ and the message block goes into the “Cipher Key. The likelihood of recovering a file that has been encrypted using our encryption is fairly remote. The most efficient key-recovery attack for Rijndael is exhaustive key search. The expected effort of exhaustive key search depends on the length of the Cipher Key and for a 16-byte key, 2127 applications of Rijndael;
  
-Any AES-256 decryption tool that supports the Rijndael cipher with 16 byte blocksizes can be used to un-encrypt files. We also provide free desktop decryption tools for [[https://storagemadeeasy.com/clients_and_tools#Mac|Mac]], [[https://storagemadeeasy.com/clients_and_tools#Windows|Windows]] and [[https://storagemadeeasy.com/clients_and_tools#Linux|Linux]] that enable the decryption of a file if you download it directly from a mapped cloud ie. without any access to the SME service.+Any AES-256 decryption tool that supports the Rijndael cipher with 16 byte blocksizes can be used to un-encrypt files. We also provide free desktop decryption tools for [[https://storagemadeeasy.com/clients_and_tools#Mac|Mac]], [[https://storagemadeeasy.com/clients_and_tools#Windows|Windows]] and [[https://storagemadeeasy.com/clients_and_tools#Linux|Linux]] that enable the decryption of a file if you download it directly from a mapped cloud ie. without any access to the File Fabric service.
  
 See also [[https://storagemadeeasy.com/pressrelease/FIPS-140-2-compliance/|FIPS U.S. Federal Government Validation of the Enterprise File Fabric™ Cryptographic Algorithm]]. See also [[https://storagemadeeasy.com/pressrelease/FIPS-140-2-compliance/|FIPS U.S. Federal Government Validation of the Enterprise File Fabric™ Cryptographic Algorithm]].
- 
 ===== 4 Authentication Security ===== ===== 4 Authentication Security =====
  
Line 63: Line 62:
 {{:/security:steps:sme_6_access_control_secur.png}} {{:/security:steps:sme_6_access_control_secur.png}}
  
-SME supports Access Control Permissions at a Role, User, or folder level for shared folders. The Permissions can be taken from Active Directory if single sign-on is being used.+The File Fabric supports Access Control Permissions at a Role, User, or folder level for shared folders. The Permissions can be taken from Active Directory if single sign-on is being used.