Re: Threat Model
On Tuesday 13 April 2004 08:19 pm, Nixon, Bob wrote:
> [...]
> The basic intention of the T10 protection information is that it is
> generated by the application that writes the data, persisted by the storage
> until overwritten, and returned unmodified to the reading application for
> verification. It is allowed to be checked at points in transit, but the
> storage is considered a point in transit, not an end point.
This sounds like we cannot use it (since it belongs to the application),
but then...
> The allowance for recalculation is to permit intermediate storage
> virtualization devices to overload a single instance of the protection
> information field with both application-to-virtualizer and
> virtualizer-to-physical media protection information. It is recognized that
> this will lose some of the protection afforded by true writer-to-reader
> integrity data.
So the encryption device would be a "virtualizer"? I still don't see
how this would work.
-- Shai
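
The trade-off in the quoted text, as an added example that is not part of the original thread: a writer generates protection information, a hypothetical intermediate device either forwards it untouched or recalculates it, and the reader verifies. It assumes the 8-byte field layout (CRC-16 guard, application tag, reference tag) and the CRC-16/T10-DIF polynomial, neither of which is stated in these messages; the sector contents, LBA, application tag and injected bit flip are constructed.

```python
import struct

T10_DIF_POLY = 0x8BB7  # assumed guard CRC: CRC-16/T10-DIF, init 0, no reflection, no final XOR

def crc16_t10dif(data: bytes) -> int:
    crc = 0
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ T10_DIF_POLY if crc & 0x8000 else crc << 1) & 0xFFFF
    return crc

def make_pi(block: bytes, app_tag: int, ref_tag: int) -> bytes:
    """Assumed layout, big-endian: 16-bit guard, 16-bit application tag, 32-bit reference tag."""
    return struct.pack(">HHI", crc16_t10dif(block), app_tag, ref_tag)

def check_pi(block: bytes, pi: bytes, expected_ref: int) -> bool:
    guard, _app, ref = struct.unpack(">HHI", pi)
    return guard == crc16_t10dif(block) and ref == expected_ref

def through_device(block, pi, lba, recalculate, fault):
    """Hypothetical point in transit: checks PI on entry, then forwards block and PI."""
    if not check_pi(block, pi, lba):
        raise ValueError("PI check failed at device ingress")
    if fault:  # constructed fault: one bit flips in the device's buffer after the check
        block = bytes([block[0] ^ 0x01]) + block[1:]
    if recalculate:  # virtualizer regenerates PI over whatever it now holds
        app_tag = struct.unpack(">HHI", pi)[1]
        pi = make_pi(block, app_tag, lba)
    return block, pi

def reader_accepts(recalculate: bool, fault: bool) -> bool:
    lba = 0x1000                   # constructed; used as the reference tag
    block = bytes(range(256)) * 2  # constructed 512-byte sector
    pi = make_pi(block, app_tag=0xBEEF, ref_tag=lba)  # generated by the writer
    block2, pi2 = through_device(block, pi, lba, recalculate, fault)
    return check_pi(block2, pi2, lba)                 # verified by the reader

if __name__ == "__main__":
    for recalc in (False, True):
        for fault in (False, True):
            print(f"recalculate={recalc} fault={fault} reader_accepts={reader_accepts(recalc, fault)}")
```

With pass-through the reader rejects the block altered inside the device; with recalculation the reader accepts it, which is the lost writer-to-reader protection the quoted text acknowledges.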