From 7ddd1469269fa5ec52e9d749bcbf43be9fa563c8 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Fri, 9 Oct 2015 13:56:19 -0500 Subject: [PATCH] V-38659, V-38662, V-38693: Encrypted storage exception docs Implements: blueprint security-hardening Change-Id: I05437825ae87307ad303f1bf937c631d7a93ca8e --- doc/source/developer-notes/V-38659.rst | 11 +++++++++++ doc/source/developer-notes/V-38661.rst | 1 + doc/source/developer-notes/V-38662.rst | 1 + doc/source/developer-notes/V-38693.rst | 1 + 4 files changed, 14 insertions(+) create mode 100644 doc/source/developer-notes/V-38659.rst create mode 120000 doc/source/developer-notes/V-38661.rst create mode 120000 doc/source/developer-notes/V-38662.rst create mode 120000 doc/source/developer-notes/V-38693.rst diff --git a/doc/source/developer-notes/V-38659.rst b/doc/source/developer-notes/V-38659.rst new file mode 100644 index 00000000..a7573757 --- /dev/null +++ b/doc/source/developer-notes/V-38659.rst @@ -0,0 +1,11 @@ +**Exception** + +Creating encrypted storage is left up to the deployer to consider and +implement. Although encrypting data at rest on storage volumes does reduce +the chances of data theft if the server is physically compromised, it doesn't +provide protection from a user who is logged in while the server is running. + +Linux systems provide various options for storage encryption. The `Linux +Unified Key Setup`_ is a good implementation to review. + +.. _Linux Unified Key Setup: https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup diff --git a/doc/source/developer-notes/V-38661.rst b/doc/source/developer-notes/V-38661.rst new file mode 120000 index 00000000..60625432 --- /dev/null +++ b/doc/source/developer-notes/V-38661.rst @@ -0,0 +1 @@ +V-38659.rst \ No newline at end of file diff --git a/doc/source/developer-notes/V-38662.rst b/doc/source/developer-notes/V-38662.rst new file mode 120000 index 00000000..60625432 --- /dev/null +++ b/doc/source/developer-notes/V-38662.rst @@ -0,0 +1 @@ +V-38659.rst \ No newline at end of file diff --git a/doc/source/developer-notes/V-38693.rst b/doc/source/developer-notes/V-38693.rst new file mode 120000 index 00000000..c1ae9dd2 --- /dev/null +++ b/doc/source/developer-notes/V-38693.rst @@ -0,0 +1 @@ +V-38482.rst \ No newline at end of file