HP StorageWorks 4000/6000/8000 .HP StorageWorks SAN Design Reference Guide, Pa - Page 404

HP security strategy, Key management, Organizational security policies, HP Secure Advantage

Get HP StorageWorks 4000/6000/8000 - Enterprise Virtual Arrays PDF manuals and user guides View all HP StorageWorks 4000/6000/8000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 404 highlights

Data Encryption Standard DES is a block cipher designed for use in symmetric cryptography, which encrypts data in 64-bit blocks and uses a key length of 56 bits. It uses a 64-bit key, but every eighth bit is ignored. These extra bits can be used for other purposes, such as a parity check to ensure that the key is error free. The DES cipher consists of the following process: 1. Performing an initial permutation 2. Breaking the block into right and left halves (32 bits each, followed by 16 key-dependent rounds on each half) 3. Rejoining of the halves 4. Performing the final permutation (reverse of the initial permutation) Two common DES cipher modes are as follows: • ECB-Each block of the message is encrypted independently. • CBC-Each plaintext block uses an Exclusive-OR operation with the previous cipher text block before encryption. Advanced Encryption Standard AES is a block cipher designed for use in symmetric cryptography, which encrypts data in 128-bit blocks. AES can use a key size of 128, 192, or 256 bits. The number of rounds varies by the key length (for example, 10, 12, or 14 rounds for key sizes 128, 192, or 256, respectively). The processing in each round is more efficient than DES and is better suited to high-speed parallel operations. A subkey step using an XOR operation, followed by a MixColumns step, occurs before the rounds are performed. AES has equivalent modes to the ECB and CBC modes for DES. AES also has a counter mode in which a sequence number uses an Exclusive-XOR operation with the plaintext before processing; the sequence number is incremented for use with the next block. Key management Successful key management is the most important yet most difficult aspect of a cryptographic system because it often requires coordination between departments and users, and the establishment and enforcement of strict system policies. You must ensure the generation, storage, exchange, verification, replacement, and destruction of keys. Organizational security policies Organizational security policies are high-level statements that define the data protection requirements, which are driven by business needs. Auditing and reporting policies are added to the security policies, and the business policies are then mapped to the security policies. HP security strategy This section describes the HP Secure Advantage, the HP security strategy. HP Secure Advantage HP Secure Advantage allows you to combine HP security products. The Secure Advantage portfolio ensures secure automation, optimization, and acceleration of your infrastructure with proper validation 404 Storage security

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • 398
  • 399
  • 400
  • 401
  • 402
  • 403
  • 404
  • 405
  • 406
  • 407
  • 408
  • 409
  • 410
  • 411
  • 412
  • 413
  • 414
  • 415
  • 416
  • 417
  • 418
  • 419
  • 420
  • 421
  • 422
  • 423
  • 424
  • 425
  • 426
  • 427
  • 428
  • 429
  • 430
  • 431
  • 432
  • 433
  • 434
  • 435
  • 436
  • 437
  • 438
  • 439
  • 440
  • 441
  • 442
  • 443
  • 444
  • 445
  • 446
  • 447
  • 448
  • 449
  • 450
  • 451
  • 452
  • 453
  • 454
  • 455
  • 456
Data Encryption Standard
DES is a block cipher designed for use in symmetric cryptography, which encrypts data in 64-bit
blocks and uses a key length of 56 bits. It uses a 64-bit key, but every eighth bit is ignored. These
extra bits can be used for other purposes, such as a parity check to ensure that the key is error free.
The DES cipher consists of the following process:
1.
Performing an initial permutation
2.
Breaking the block into right and left halves (32 bits each, followed by 16 key-dependent rounds
on each half)
3.
Rejoining of the halves
4.
Performing the final permutation (reverse of the initial permutation)
Two common DES cipher modes are as follows:
ECB
Each block of the message is encrypted independently.
CBC
Each plaintext block uses an Exclusive
OR operation with the previous cipher text block
before encryption.
Advanced Encryption Standard
AES is a block cipher designed for use in symmetric cryptography, which encrypts data in 128-bit
blocks. AES can use a key size of 128, 192, or 256 bits. The number of rounds varies by the key
length (for example, 10, 12, or 14 rounds for key sizes 128, 192, or 256, respectively). The processing
in each round is more efficient than DES and is better suited to high-speed parallel operations. A
subkey step using an XOR operation, followed by a MixColumns step, occurs before the rounds are
performed.
AES has equivalent modes to the ECB and CBC modes for DES. AES also has a counter mode in
which a sequence number uses an Exclusive-XOR operation with the plaintext before processing; the
sequence number is incremented for use with the next block.
Key management
Successful key management is the most important yet most difficult aspect of a cryptographic system
because it often requires coordination between departments and users, and the establishment and
enforcement of strict system policies. You must ensure the generation, storage, exchange, verification,
replacement, and destruction of keys.
Organizational security policies
Organizational security policies are high-level statements that define the data protection requirements,
which are driven by business needs. Auditing and reporting policies are added to the security policies,
and the business policies are then mapped to the security policies.
HP security strategy
This section describes the HP Secure Advantage, the HP security strategy.
HP Secure Advantage
HP Secure Advantage allows you to combine HP security products. The Secure Advantage portfolio
ensures secure automation, optimization, and acceleration of your infrastructure with proper validation
Storage security
404