Considerations for applying disk encryptors to environments subject to hostile overrun

Abstract

The paper presents a list of considerations for applying a commercial off-the-shelf disk encryptor to an environment where hostile overrun is a significant threat. The considerations include: how the encryption device is configured and interfaced to the workstation, host, or server; encryption key management including key entry, changeover, and quick destruct; and long term off-line storage.<>