[Security_sig] Storage requirements question - Access Controls

Ed Reed ereed at novell.com
Thu Oct 21 07:57:18 PDT 2004


This may be a silly question, but * (and if these questions have already
been addressed, my apologies, and please redirect me)...

What are the access control requirements or issues with regard to storage?

When storage is shared by several systems - either of the same OS, of
different versions of the same OS, or by systems from different OSes, 
what responsibilities for access control do the storage systems themselves
have?

When shared storage is used for applications that require encrypted storage,
does the storage system manage the encryption, so that it's available to
the various systems that share the data, or must each system
manage it's own encryption and decryption of data blocks it retrieves from
storage?

What audit requirements are there for the shared storage system?  Is that
strictly delegated to the operating systems that share it?  Are there
differences in whether we're talking about iSCSI or NFS (or CIFS or AFS or
...)?

What are the data center requirements in these areas?

Thanks,
Ed

>>> Mary Edie Meredith <maryedie at osdl.org> 10/18/2004 11:57:51 AM >>>
I do not have the details yet, but the Storage SIG leader (now Badari
Pulavarti) would like to have a 1/2 day meeting/Conference Call
Thursday, Nov 11, at the OSDL office in Beaverton.  This would allow
those attending the DCL TWG face to face Nov9-10 to stay over and
attend.

The goal of the meeting will be to create action plans (in particular
test plans) for each of the Storage Focus Areas (4096 Storage Devices,
Disk AIO, NFS, Persistent Storage Device Naming, Multipath I/O, and
Volume Management).

My regrets for not announcing this with the other meeting announcements,
as I fear some of you have already made your travel arrangements.  If
you cannot stay over, there will be a conference line established so you
can dial in during the parts that interest you.
-- 
Mary Edie Meredith 
maryedie at osdl.org 
503-626-2455 x42
Open Source Development Labs






More information about the security_sig mailing list