InterSystems has tested the encryption of Caché database files in Caché
5.0. The following topics describe the requirements, recommendations, and procedures
developed on each of the tested operating systems:
Encrypting Caché Files on Microsoft Windows
This topic describes the basic steps for encrypting Caché files on Microsoft
Windows platforms. It contains the following sections:
Requirements and Recommendations
- Run Caché on a supported version of Microsoft Windows 2000, XP, or Server 2003.
- Use the NTFS file system.
- Set up the encryption after you install Caché.
- Encrypt the files using the same account that runs Caché.
- Do not encrypt the CacheSys\Bin directory and the CacheSys\Mgr directory. (CacheSys is the default Caché installation directory; your actual installation directory name may be different.)
Important:
The encryption of these directories can lead to a race condition on Windows
2000 Pro involving the Caché Controller Service and Windows Encrypted File
System (EFS) services that can cause an intermittent Caché startup delay of
up to 30 minutes, during which time many other applications may also be subject to
the same delay.
- Encrypt directories containing your database files instead of individually encrypting the database files themselves. All files that are created in or moved to encrypted directories automatically obtain the encrypted attribute.
- The account that encrypts the files and runs Caché should be a part of the Administrators group. See your operating system documentation for details on the relationships of users and permissions.
To encrypt the appropriate Caché database (cache.dat) files on Microsoft Windows, perform the following steps:
-
-
-
- Exit the Caché Cube and shut down the IIS Web server and any other processes that might cause sharing violations.
-
-
-
-
If you do not set up the file encryption properly, an error occurs immediately when starting Caché; the ccontrol start command fails. View the console.log for error information.
Update the Caché Controller Service
Edit the Caché Controller Service for proper Caché startup.
- From the Windows Control Panel click from the submenu.
-
- Click the Log On tab, change the Log on as property to be the same as the account that installed Caché. Click OK.
Encrypt Caché Database Files
From Windows Explorer, perform the following on each folder you choose to encrypt:
- Right-click the appropriate folder and click from the shortcut menu:
-
-
- Repeat this process for each folder that contains files you would like to encrypt.
File encryption is transparent to Caché. To undo the encryption, follow
this same process and clear the encryption check box.
For additional information about the Windows Encrypting File System (EFS) and related topics, see the following Microsoft documents, which you can find on the Microsoft Web site, www.microsoft.com:
- For a general understanding of encryption on Windows:
- For a list of Microsoft recommendations:
- For specifics on the Windows 2000 platform:
- For specifics on the Windows XP and Server 2003 platforms:
Encrypting Caché Files on Red Hat Linux
This topic describes the basic steps for encrypting Caché files on the
Red Hat Linux platform using loopback devices. It contains the following sections:
Requirements and Recommendations
- Define your file system on a separate physical disk partition to hold your database files.
- Complete the loopback setup before you put the files on the loopback device.
- You may put all, some, or none of the Caché files in the encrypted file system.
- If you encrypt the journal and WIJ files, put them on separate physical disks with virtual loopback devices.
- It is safe to keep the key file on removable media and also acceptably safe to keep it on a hard drive. If you do keep the key file on removable media, test the use of the key from the removable media, and keep it separate. If you lose the key file, you lose everything on the file system.
The Loop-AES facility is a special device that provides a fast and transparent file system and swap encryption package for Linux. The following sections describe the procedures InterSystems recommends for setting up this type of encryption:
The Loop-AES facility requires modified user-space tools for the mount and losetup commands, as well as the latest Linux patch file.
-
-
-
-
-
- Read the INSTALL file for build and install notes.
- Configure and make, but do not install, the package.
-
The following is an example set of commands to perform steps 4-8:
tar zxvf util-linux-2.12a.tar.gz
cd util-linux-2.12a
patch -p1 < ../loop-AES-v2.1c/util-linux-2.12a.diff
more INSTALL
./configure
make
cd mount
cp -a losetup /usr/local/bin
cp -a mount /usr/local/bin
- Test the updated tools. For example:
/usr/local/bin/losetup -e aes /dev/loop0 /dev/sdb1
(enter password)
mke2fs -j /dev/loop0
mount /dev/loop0 /mnt
umount /mnt
losetup -d /dev/loop0
To undo the encryption, move the files out of the partition. The encryption
is transparent to Caché. Once the file system is mounted, it is readable for
anyone who has permissions.
This section outlines a procedure for setting up key files and uses the following
sample file names:
- Create 64 random encryption keys and encrypt them to keyfile using the GNU Privacy Guard (gpg) encryption and digital signature tool:
head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \
| gpg -c -a > /keyfile.gpg
Enter a passphrase at the prompt.
-
/dev/sdb2 /encrypted ext3 defaults,noauto,loop=/dev/loop0,encryption=AES128,gpgkey=/keyfile.gpg 0 0
Important:
Due to formatting limitations in some documentation output media, the previous
commands may display on two lines; in practice, enter them as a single line.
- Construct a file system on the loopback device:
losetup -F /dev/loop0
mkfs -t ext3 /dev/loop0
losetup -d /dev/loop0
At the prompt, enter the passphrase from step 1.
-
-
At the prompt, enter the passphrase from step 1.
The file system encryption key contains the user key. You are prompted for the
user key at mount time for encrypted files.
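The key file and fstab steps above can be sanity-checked before the file system is built. The following is an added example, not InterSystems or loop-AES code; the function names are hypothetical, and the 60-character line length is derived from the base64 output format of uuencode -m (45 input bytes per line).

```shell
#!/bin/sh
# Added example (not InterSystems or loop-AES code); function names are hypothetical.

# The fstab entry shown on the page, used here as sample input.
PAGE_FSTAB_LINE='/dev/sdb2 /encrypted ext3 defaults,noauto,loop=/dev/loop0,encryption=AES128,gpgkey=/keyfile.gpg 0 0'

# check_key_lines: reads plaintext key material on stdin, i.e. the pipeline
# output before gpg, or the output of "gpg -d /keyfile.gpg".
# uuencode -m writes 60 base64 characters per 45 input bytes, so 2880 random
# bytes must yield exactly 64 full-length lines with no header or trailer.
check_key_lines() {
    awk '
        length($0) != 60 || $0 !~ "^[A-Za-z0-9+/]+$" { bad++ }
        seen[$0]++ { dup++ }
        END {
            if (NR != 64) { print "expected 64 keys, got " NR; exit 1 }
            if (bad)      { print bad " malformed key line(s)"; exit 1 }
            if (dup)      { print dup " duplicate key line(s)"; exit 1 }
            print "ok"
        }'
}

# check_fstab_entry LINE: checks the options field (4th column) of a loop-AES
# fstab entry. noauto matters because mount prompts for the passphrase, so the
# file system is mounted by hand rather than by "mount -a" at boot.
check_fstab_entry() {
    opts=$(printf '%s\n' "$1" | awk '{ print $4 }')
    missing=""
    for want in noauto loop= encryption= gpgkey=; do
        case ",$opts," in
            *",$want"*) ;;
            *) missing="$missing $want" ;;
        esac
    done
    if [ -n "$missing" ]; then
        echo "missing:$missing"
        return 1
    fi
    echo "ok"
}

check_fstab_entry "$PAGE_FSTAB_LINE"
```

A key file that fails check_key_lines usually still contains the begin-base64 header line or was cut short, which happens when the head and tail line counts in the pipeline do not match the byte count.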
For additional information about encrypting files and related topics, see the
following documents:
- For a description of loop devices and general information about using them:
- For the most recent Linux patch file: