On Jan 2, 2007, at 6:48 AM, Darren Reed wrote:
Darren J Moffat wrote:
...
Of course. I didn't mention it because I thought it was obvious
but this would NOT break the COW or the transactional integrity of
ZFS.
One of the possible ways that the "to be bleached" blocks are
dealt with in the face of a crash is just like everything else -
they would be in the ZFS Intent Log as "things to do".
Do NIST and other specifications that come into play here dictate
what should be done in these and other situations?
From
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
includes the statement that
The security goal of the overwriting process is to replace written
data with random data.
How we achieve this is our problem. I expect that this is a
subjective analysis if we meet the goals...
Do they say how this feature must be provided or in which situations
it is required to be covered in order to meet their criteria.
They talk about "Clearing" vs "Purging" vs "Destruction"... Clearing
is the lowest level and seems to be useful when repurposing storage
within an organization. All of these are supposed to be "NSA/CSS
Approved". I do not see the exact approval requirements in this
document.
Or do they just document overwrite patterns, depending on the
security of the information?
From
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
it states
Studies have shown that most of today’s media can be effectively
cleared by one overwrite.
Darren
_______________________________________________
security-discuss mailing list
[EMAIL PROTECTED]
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
