Security Basics mailing list archives
RE: PCI, EFS and the future?
From: "Dan Anderson" <dan-anderson () cox net>
Date: Sun, 18 Feb 2007 04:03:31 -0600
3.4.1 If disk encryption is used (rather than file- or column-level Database encryption), logical access must be managed independently of native operating system access control mechanisms (for example, by not using local system or Active Directory accounts). Decryption keys must not be tied to user accounts. The wording suggests this applies to databases. Not file servers.
How does it suggest that? This is about encrypting data, not the containers data might be found in. Dan
Current thread:
- PCI, EFS and the future? Nick Vaernhoej (Feb 02)
- RE: PCI, EFS and the future? Roger A. Grimes (Feb 05)
- Re: PCI, EFS and the future? Saqib Ali (Feb 05)
- RE: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- RE: PCI, EFS and the future? Gressick, Michael (Feb 07)
- RE: PCI, EFS and the future? dave kleiman (Feb 05)
- Message not available
- RE: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- RE: PCI, EFS and the future? Dan Anderson (Feb 19)
- RE: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- <Possible follow-ups>
- Re: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- Re: PCI, EFS and the future? Craig Wright (Feb 06)
- Re: PCI, EFS and the future? Sean Waddell (Feb 06)
- Re: PCI, EFS and the future? Saqib Ali (Feb 07)
- CastleCops 5-Year Anniversary and Contest dave kleiman (Feb 08)
- Re: PCI, EFS and the future? Sean Waddell (Feb 06)
- RE: PCI, EFS and the future? Dan Anderson (Feb 19)