-
This site is deprecated and will be decommissioned shortly. For current information regarding HPC visit our new site: hpc.njit.edu
HipaaSum
From NJIT-ARCS HPC Wiki
AuriStorFS HIPAA Compliance Overview
- AES-256-CTS-HMAC-SHA1 or AES-256-CTS-HMAC-SHA-512 encryption
- Mandatory policy enforcement of authentication, integrity protection and wire privacy for all connections. Enforcing a policy that requires yfs-rxgk security and encryption will block all OpenAFS client access since those clients cannot obey the policy.
- Information is granted on a need-to-know basis. If you want to provide a class of users the ability to "vos examine" volumes then you can grant those explicit users read-only administrator privileges.
- Each bosserver instance is keyed independently of the AFS cell.
- Volume Maximum ACLs constrain the permissions that a user can give away via ACL changes on objects.
- Volume Security Policies prevent a volume from being served from a fileserver that won't enforce the policy.