SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: iSCSI: Security Enviornments



    > Consider aspects of management.  If the SCSI controller responds to client
    > with lists of accessible devices, how is the SCSI controller informed?
    How
    > is access managed in a uniform manner?
    
    I'd recommend not discussing security of management right now beyond that
    necessary to ensure that iSCSI identities and authentication work as
    intended/
    required.  Significant pieces of this are also outside the scope of the
    working group, for example, how a target gets the information required
    to respond to a REPORT LUNS command is in T10's space, not the ips WG,
    and the same is true of SCSI-level access controls.
    
    Beyond that, a properly configured TLS should be adequately secure
    for a SAN.  Doug's opinion that privacy should not be mandatory to
    implement is hereby officially noted (i.e., he can stop repeatedly
    reminding us of it), and I would point out that this was also
    the rough consensus at the WG meeting in Pittsburgh, which I believe
    remains the rough consensus of the WG.
    
    --David
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
    black_david@emc.com       Mobile: +1 (978) 394-7754
    ---------------------------------------------------
    
    


Home

Last updated: Tue Sep 04 01:05:31 2001
6315 messages in chronological order