GT.M Database Encryption

Similar documents
Ralph Durkee Independent Consultant Security Consulting, Security Training, Systems Administration, and Software Development

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Cipher Suite Configuration Mode Commands

Cryptography: Practice JMU Cyber Defense Boot Camp

IBM Systems and Technology Group

FIPS Security Policy UGS Teamcenter Cryptographic Module

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Using Cryptography CMSC 414. October 16, 2017

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Protecting Your Data With Encryption

Using keys with SSH Rob Judd

APNIC elearning: Cryptography Basics

PROTECTING CONVERSATIONS

PASSWORDS & ENCRYPTION

1.264 Lecture 28. Cryptography: Asymmetric keys

Storage Area Networks: Performance and Security

Cuttingedge crypto graphy

Computer Security: Principles and Practice

CSC 774 Network Security

GT.M is a trademark of Fidelity Information Services, Inc. Other trademarks are the property of their respective owners.

Security. Communication security. System Security

FIPS Security Policy. for Marvell Semiconductor, Inc. Solaris 2 Cryptographic Module

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Version 2.0. FIPS Non-Proprietary Security Policy. Certicom Corp. September 27, 2005

CSC 474/574 Information Systems Security

Security in the CernVM File System and the Frontier Distributed Database Caching System

Configuring File Server Resource Manager (FSRM)

Security PGP / Pretty Good Privacy. SANOGXXX July, 2017 Gurgaon, Haryana, India

Security with VA Smalltalk

WAP Security. Helsinki University of Technology S Security of Communication Protocols

CRYPTOGRAPHY. Jakub Laszczyk. June 7th,

An Introduction to Key Management for Secure Storage. Walt Hubis, LSI Corporation

Sharing Secrets using Encryption Facility - Handson

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

SecureDoc Disk Encryption Cryptographic Engine

Encryption I. An Introduction

The Linux Kernel Cryptographic API

CSC/ECE 774 Advanced Network Security

My special thanks to...

Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators

Lab: Securing with PGP

IBM i Version 7.2. Security Cryptography IBM

Oracle B2B 11g Technical Note. Technical Note: 11g_006 Security. Table of Contents

Check Table Oracle Database Status Windows Script

Application of Cryptography in.net Framework

IBM. Security Cryptography. System i. Version 6 Release 1

MQ Message Encryption Overview

Data encryption & security. An overview

Digital Certificates Demystified

Bacula. Ana Emília Machado de Arruda. Protegendo seu Backup com o Bacula. Palestrante: Bacula Backup-Pt-Br/bacula-users/bacula-devel/bacula-users-es

This Security Policy describes how this module complies with the eleven sections of the Standard:

Introduction to Cryptography

Mailvelope for Encryption

Due: October 8, 2013: 7.30 PM

Comparison of SSL/TLS libraries based on Algorithms/languages supported, Platform, Protocols and Performance. By Akshay Thorat

Security context. Technology. Solution highlights

Architectural Support for Copy and Tamper Resistant Software

ECE 646 Lecture 4A. Pretty Good Privacy PGP. Short History of PGP based on the book Crypto by Steven Levy. Required Reading

Pretty Good Privacy PGP. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E

Encrypt Data (QC3ENCDT, Qc3EncryptData) API

Configuring Password Encryption

Enterprise Volume Management System Project. April 2002

CSE 127: Computer Security Cryptography. Kirill Levchenko

Accelerate with ATS Encrypting Data at Rest with the DS8000

Lecture III : Communication Security Mechanisms

ECE 646 Lecture 4. Pretty Good Privacy PGP

Using PGP Encryption with Cornerstone MFT Server

Sentry Power Manager (SPM) Software Security

Pretty Good Privacy (PGP

Backup, File Backup copies of individual files made in order to replace the original file(s) in case it is damaged or lost.

SATELLAR and VPN. 2/2017 SATEL technical bulletin SATELLAR

There are numerous Python packages for cryptography. The most widespread is maybe pycrypto, which is however unmaintained since 2015, and has

BreakingVault SAP DataVault Security Storage vulnerabilities

Yale Software Library

Setting an OpenVPN on Linux and MikroTik to securely access a web server. Teddy Yuliswar MikroTik Certified Trainer #TR0442

CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals

Public Key Infrastructures

Encryption and Forensics/Data Hiding

SharkFest 17 Europe. SSL/TLS Decryption. uncovering secrets. Wednesday November 8th, Peter Wu Wireshark Core Developer

HP - HP0-P17. HP-UX 11i v3 Security Administration. QUESTION: 1 After running /usr/sbin/pwck, the following output is displayed:

Encrypting stored data

Managing User Accounts

Dashlane Security White Paper

0x1A Great Papers in Computer Security

For Your Eyes Only! MQ Advanced Message Security

LAB :: PGP (Pretty Good Privacy)

International Technical Support Organization. IBM System Storage Tape Encryption Solutions. May 2009 SG

Security Policy Document Version 3.3. Tropos Networks

[S9I ] gtmsecshr vulnerability Security Advisory Page 1 of 6

Chapter 4: Threads. Overview Multithreading Models Thread Libraries Threading Issues Operating System Examples Windows XP Threads Linux Threads

e-commerce Study Guide Test 2. Security Chapter 10

Dashlane Security Whitepaper

Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin

PGP Key Verification. Version 1.1, 08/26/2002. Stephen Gill Published: 08/26/2002

Data Security on Field Laptops

Cryptography. Cryptography is everywhere. German Lorenz cipher machine

SSH Algorithms for Common Criteria Certification

Symantec Drive Encryption for Mac OS X Quick Start Guide Version 10.3


Transcription:

GT.M Database Encryption Protecting Data At Rest (DAR) [ 1 ] April 30, 2009

What it is Protects data at rest (DAR) Data records in database & journal files are encrypted [ 2 ]

What it is not Data not at rest not protected During computation within the process address space Processes need to manipulate actual data In transit between systems and processes Database encryption is only a part of a complete security architecture Doesn t include algorithms & key management You must choose encryption libraries No encryption scheme meets all needs Plug-in architecture for you to use encryption library of your choice Example reference plug-in included with GT.M You must implement key management Key management is determined by your encryption library and organizational security policy Reference plug-in uses GnuPG (http://gnupg.org) Encryption libraries (even those used by reference plug-in) and key management are not supported by FIS [ 3 ]

Limitations General Long lived keys Large volume of encrypted data No key recovery ( back doors ) built into GT.M Losing or forgetting your keys will make your data indistinguishable from random ones and zeros on disk No protection against weak key management Leaving unencrypted keys on disk, even in an obscure location or secured with a known password is like leaving your front door key under the doormat GT.M Specific Only BG access method is supported; MM is not supported with encryption Encryption is only supported for databases use PIPE device to read/write encrypted flat files Database encryption is only a part of a complete security architecture [ 4 ]

Plug-in API Functions gtmcrypt_init() gtmcrypt_getkey_by_name() gtmcrypt_getkey_by_hash() gtmcrypt_hash_gen() gtmcrypt_encode() gtmcrypt_decode() gtmcrypt_close() gtmcrypt_strerror() Data structures gtmcrypt_key_t handle to a key xc_fileid_ptr_t file identifier Rest of the slides are about sample reference implementation [ 5 ]

Sample Reference Implementation Plug-in architecture your choice of encryption library / libraries with sample reference implementation Works out of the box with GNU Privacy Guard (libcrypto from OpenSSL for some functionality on AIX) Complete source code included You can freely modify / adapt to your needs Reference implementation is supported by FIS as part of Profile/GT.M support; encryption libraries are not supported by FIS [ 6 ]

Ciphers & Hashes Symmetric ciphers are computationally faster Keys are hard to distribute securely Asymmetric ciphers are computationally slower Public / private keys make key distribution & management easy Sample reference implementation uses both: Data records in databases secured with symmetric ciphers Blowfish CFB from OpenSSL libcrypto on AIX; AES 256 CFB from GPG on all others Keys for symmetric ciphers secured with asymmetric ciphers: RSA from GPG Key ring on disk secured with password: GPG Key + Cipher description hashed and stored in database file header; validated when file opened SHA-512 hash Hash can be changed separately from cipher no need to extract / load data [ 7 ]

Password flow within GT.M process Password or $gtm_passwd environment variable Private key in key ring on disk $HOME/.gnupg/secring.gpg or $GNUPGHOME/secring.gpg $gtm_dbkeys Decrypt Master Key File Private key in process memory Key file (encrypted w public key)... Key file (encrypted w public key) Decrypt Symmetric key in process memory Encrypted data in db / jnl files Encrypt & Decrypt Unencrypted data in process memory [ 8 ]

Password flow within GT.M process multiple db regions $gtm_dbkeys Master Key File dat dbfile 1 key keyfile 1 dat dbfile 2 key keyfile 2 Symmetric key for dbfile 1 encrypted with Public key Private key Symmetric key for dbfile 2 encrypted with Public key Symmetric key For dbfile 1 Encrypted Database Dbfile 1 + Journal file Keyring on disk $gtm_passwd Symmetric key For dbfile 2 Encrypted Database Dbfile 2 + Journal File [ 9 ]

$gtm_passwd Functional requirements Interactive entry Inherit from parent process for Job & ZSYstem commands $gtm_passwd cases Not set mumps process assumes application code will set obfuscated password in environment when it is ready to open database / journal file Null string mumps process prompts user for password at process startup and sets $gtm_passwd to obfuscated password String value assumed to be obfuscated password (used by parent to pass password to child process) Obfuscation is not encryption Obfuscation uses low level information accessible within the system to allow one process to pass the password for the key ring on disk to another process on the same system Obfuscated passwords are not usable outside the system, so if a process environment is dumped and sent to FIS for a support issue, the obfuscated password does not provide access to the actual password [ 10 ]

$gtm_passwd mumps process logic flow Process Startup No Run until encrypted database encountered $gtm_passwd defined? Yes Call gtm_cryptinit() $gtm_passwd Error (may Be deferred) Undefined Null GETPASS.m gets password (Obfuscated) Value Add obfuscated password to environment Build key file in memory from master key file [ 11 ]

Providing passwords to utility programs maskpass program, e.g. $gtm_dist/plugin/gtmcrypt/maskpass Enter Password: 3D303E34213F $ echo -n "Enter Password: ";export gtm_passwd=`$gtm_dist/plugin/gtmcrypt/maskpass cut -f 3 -d " "`;echo $gtm_passwd Enter Password: 3D303E342438 Invoke via mumps program Create a one line GT.M program as follows: zcmd ZSYstem $ZCMdline Quit and use it invoke the MUPIP or DSE command, e.g. $ gtm_passwd="" mumps -run zcmd mupip backup -region \"*\" [ 12 ]

Key Management Every user and administrator id needs a public / private key pair Consider putting keys in a Key server, e.g., http://pgp.mit.edu For every encrypted database that a user id needs access to, the symmetric encryption key needs to be encrypted with the public key of that user and put in a file that user id has access to Each user id will have a key file for each database file that user id has access to Each user id can have a single database keys file that lists all the database files that user id has access to and points to the key file for each database file [ 13 ]

Key Management Simplified schematic Generate public / private key pair (Phil) $HOME/.gnupg/secring.gpg or $GNUPGHOME/secring.gpg Private key in key ring on disk Public key Generate Symmetric Database key (Helen) $HOME/.gnupg/secring.gpg or $GNUPGHOME/secring.gpg Encrypt Key file (encrypted w public key) [ 14 ]

Other Changing database encryption requires extracting and loading the data with MUPIP Use a logical multi-site (LMS) configuration to provide application availability during the process Use different keys for each instance, so that if a key is compromised, only that instance requires changing keys Database Operation Global buffer pool twice as large each buffer now has two versions Some performance impact is inevitable benchmark before putting encrypted databases into production Supported platforms: AIX, HP-UX (Itanium), GNU/Linux (x86, x8664 & Itanium), Solaris (SPARC), z/os [ 15 ]

Discussion K.S. Bhaskar SVP, Fidelity Information Services, Inc. ks.bhaskar@fnis.com +1 610.578.4265 [ 16 ]

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback