| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 2788.1 | Use the salary continuation method... | IOSG::PYE | Graham - ALL-IN-1 Sorcerer's Apprentice | Wed Jun 02 1993 17:03 | 13 |
| You might get the customer to suggest that he reminds the system
manager that reading other people's documents is the same as searching
their desk, and in most organisations merits being fired.
Any strategy that you can dream up will be circumventable by a
sufficiently determined, VMS privileged system manager anyway.
You might try ALARM ACLs of some sort perhaps?
See also several lengthy arguments about this earlier in the
conference.
Graham (hoping to save this being discussed again!)
|
| 2788.2 | Encryption is the only other way | IOSG::SHOVE | Dave Shove -- REO2-G/M6 | Thu Jun 03 1993 12:17 | 8 |
| Actually, there is one method which no-one can circumvent, no matter
how many privs they have. That's to use encryption, as .0 hinted.
I'm sure that this has been done for ALL-IN-1, but I'm afraid I don't
know who you should contact for more information. Perhaps someone else
does?
Dave.
|
| 2788.3 | Look for other conferences? | IOSG::PYE | Graham - ALL-IN-1 Sorcerer's Apprentice | Thu Jun 03 1993 12:56 | 9 |
| There used to be a thing called SEVMS, a secure version of VMS, which
had a conference. They were doing a version of ALL-IN-1 to run with it.
There's a DEC encryption product, but you can't sell it outside the US.
Once upon a time (V2.3) I saw an encryption customisation in the
Frankfurt Office system, perhaps someone knows if that's still around?
Graham
|
| 2788.4 | A few people to try | WNPVM2::PFALCO | | Thu Jun 03 1993 18:05 | 21 |
| When I was researching this for a proposal to the FBI,
I spoke with Bill Colquitt, who at the time was in product
mgmt., and had quite a bit of background on security for ALL-IN-1.
He assured me we had customized ALL-IN-1 for a few accounts
to call an encryption capability. I did not pursue
this at the time. However, since I work in Washington, D.C., I will
suggest you try some folks in the Defense Dept. support
organization or the Defense agency group. I am currently
in the PSC which supports Defense (even though I support
civilian agencies of the Fed. Gov't). Some account reps. to track
down would be for the NSA, Dept. of the Army, and CIA accounts.
The PSC manager is Jim Popa @COP. One of the sales support managers is
Terry Denson @COP. I specifically recall a name of
a DEC person on the west coast Bill referred me to, but
don't have my notes. If you send me e-mail, I'll
take a look for it. BTW, if Terry or Jim ask, tell
them I referred you.
regards,
Pat Falco
|
| 2788.5 | Sorry, Dan. | MIMS::HUSSEY_D | NOT the MAMA!!! NOT the MAMA!!! | Thu Jun 03 1993 21:32 | 9 |
| It can be done. When he was with the Charlotte group, Dan Leslie wrote
a CLI level package that enabled document encryption for ALL-IN-1 V2.3.
This was in the Office ASSETS library for a time. With the demise of
the Charlotte organization, the source code is probably lost. However,
maybe this brief note will jog someone's memory.
Hope this helps,
David
|
| 2788.6 | what's the outcome ? | ZPOVC::CHINGYUE | | Tue Jun 22 1993 12:14 | 8 |
| I've got a customer who share the same though as Nigel's.
Nigel,
have you got the answer ?
crossed posted in SEVMS conference.
ching-U
|
| 2788.7 | ALL-IN-1 and Encryption" | ZPOVC::CHINGYUE | | Tue Jun 29 1993 03:14 | 16 |
| Hi,
I've been trying to gather information on Encrypting ALL-IN-1.
Replied to note 2788, sent mail to people but to no result.
I understand that we used to have a product but it was sold to
US DOD.
Is there any third party product that does encryption ?
Please drop me a mail or a reply cos' customer has been chasing
me for an answer.
Thanks.
ching-U
|
| 2788.8 | No new notes - this one will do | AIMTEC::WICKS_A | U.S.A 2 England 0 - I was there! | Tue Jun 29 1993 04:26 | 10 |
| this note was moved back from 2933 - there is no need to create new
notes just for the sake of it.
Please remember that this is an unofficial support channel and for
official support you can contact your CSC, the Product Manager,
Marketing or Bob Palmer.
regards,
Andrew.D.Wicks
|
| 2788.9 | Point taken | ZPOVC::CHINGYUE | | Mon Jul 05 1993 13:03 | 4 |
| My apologies.
I guess I was desperate then.
ching-U
|
| 2788.10 | I did a DSAB a while back | SANFAN::LESLIE_DA | Greetings & Solutions | Wed Jul 07 1993 17:06 | 22 |
| I wrote a DSAB that would require a key before and after editing to
encrypt a document. I submitted it as an ASSET some time ago (back
when I was in Charlotte, been in San Francisco for 3.5 years now). I
believe I still have the BLISS for doing the work. My understanding
was that it would have a difficult time leaving the country, even
though the encryption algorithm could be removed and replaced with the
object of one's choice.
I have no idea what the legal folks would say to this thing being made
available. I spent time with Sandy Boyd, Rick Warford, Don Vickers,
and Hal Pryor to make this thing work (probably others as well, but
that was a long time ago and they're not around the company anymore).
I have no problem making the code available (provided it's still on the
system here), but I will need some idea of the legality of letting it
go outside the US.
Send me mail SANFAN::LESLIE_DA or DAN LESLIE @SZO. My DTN is strictly
VoiceMail (no phone connected to the line): 542-3510. I was fairly
proud of this bit of code at one time, 3.5 years later, however, my
memory is a little bit rusty ;*).
Dan
|