Speaker
Andreas Joachim Peters
(CERN)
Description
With XRootD5 the on the wire protocol provides confidentiality of data inside the transport layer. However data files are human readable on storage nodes and can be accessed and downloaded by any EOS administrator and any person with read access. Filesystem level encryption on storage nodes does not solve this confidentiality problem.
To provide better data privacy the most recent versions of EOS support client and server side high-performance obfuscation and (with certain limitations) data encryption. The presentation will explain opportunities, challenges and limitations of the implementation.
Primary author
Andreas Joachim Peters
(CERN)
