HP StorageWorks 4000/6000/8000 .HP StorageWorks SAN Design Reference Guide, Pa - Page 404
HP security strategy, Key management, Organizational security policies, HP Secure Advantage
View all HP StorageWorks 4000/6000/8000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 404 highlights
Data Encryption Standard DES is a block cipher designed for use in symmetric cryptography, which encrypts data in 64-bit blocks and uses a key length of 56 bits. It uses a 64-bit key, but every eighth bit is ignored. These extra bits can be used for other purposes, such as a parity check to ensure that the key is error free. The DES cipher consists of the following process: 1. Performing an initial permutation 2. Breaking the block into right and left halves (32 bits each, followed by 16 key-dependent rounds on each half) 3. Rejoining of the halves 4. Performing the final permutation (reverse of the initial permutation) Two common DES cipher modes are as follows: • ECB-Each block of the message is encrypted independently. • CBC-Each plaintext block uses an Exclusive-OR operation with the previous cipher text block before encryption. Advanced Encryption Standard AES is a block cipher designed for use in symmetric cryptography, which encrypts data in 128-bit blocks. AES can use a key size of 128, 192, or 256 bits. The number of rounds varies by the key length (for example, 10, 12, or 14 rounds for key sizes 128, 192, or 256, respectively). The processing in each round is more efficient than DES and is better suited to high-speed parallel operations. A subkey step using an XOR operation, followed by a MixColumns step, occurs before the rounds are performed. AES has equivalent modes to the ECB and CBC modes for DES. AES also has a counter mode in which a sequence number uses an Exclusive-XOR operation with the plaintext before processing; the sequence number is incremented for use with the next block. Key management Successful key management is the most important yet most difficult aspect of a cryptographic system because it often requires coordination between departments and users, and the establishment and enforcement of strict system policies. You must ensure the generation, storage, exchange, verification, replacement, and destruction of keys. Organizational security policies Organizational security policies are high-level statements that define the data protection requirements, which are driven by business needs. Auditing and reporting policies are added to the security policies, and the business policies are then mapped to the security policies. HP security strategy This section describes the HP Secure Advantage, the HP security strategy. HP Secure Advantage HP Secure Advantage allows you to combine HP security products. The Secure Advantage portfolio ensures secure automation, optimization, and acceleration of your infrastructure with proper validation 404 Storage security