[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference vaxaxp::vmsnotes

Title:VAX and Alpha VMS
Notice:This is a new VMSnotes, please read note 2.1
Moderator:VAXAXP::BERNARDO
Created:Wed Jan 22 1997
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:703
Total number of notes:3722

643.0. "$ERAPAT certification?" by KETJE::STAES (Topless = No brains at all) Mon May 26 1997 06:30

I seem to recall that $ERAPAT system service - which allows you to specify
your own erasure pattern - was especially developed to comply with
DOD requirements.

Has there been any form of certified acceptance test performed on $ERAPAT?
Is such a certificate available somewhere at DIGITAL?

Thanks,
Nand.
T.RTitleUserPersonal
Name		DateLines
643.1Erasure for Declassification Purposes...XDELTA::HOFFMANSteve, OpenVMS EngineeringTue May 27 1997 11:0422
   The $ERAPAT erasure pattern buffer service was developed to allow sites
   to specify the pattern(s) used for the erasure buffer used by various
   OpenVMS system service routines, and to optionally allow the user to
   select US Department of Defense (US DoD) erasure patterns.

   Declassification also requires correctly handling issues of magnetic
   remanence and device-specific requirements such as bad-block handling,
   which cannot typically be handled by the erasure pattern tools alone,
   or cannot be handled by the erasure pattern tools.

   I am aware of relatively few tools rated for storage declassification,
   and these tools are specific to a specific class of disks and/or tapes.

   There are previous discussions of security erasure requirements around,
   and there are a few tools designed to comply with US DoD requirements
   for specific disk and tape devices.

   See ATPS::SEVMS note 285.*, SSAG::ASK_SSAG notes 93.*, 523.*, 680.*,
   720.*, 1487.*, 2074.*, 2453.*, 2518.*, 3637.*, 4797.*, 5092.*, 5610.*,
   and various others.  There are also likely some discussions on this
   topic over in your area, in KETJE::SECURITY_INFORMATION.
643.2disks are cheap!GIDDAY::GILLINGSa crucible of informative mistakesTue May 27 1997 19:079
  re .1:
    
>   I am aware of relatively few tools rated for storage declassification,
>   and these tools are specific to a specific class of disks and/or tapes.
    
    I've got some tools rated for storage declassification - a 5lb sledge
    hammer, tin of petrol and a box of matches ;-)
    
    						John Gillings, Sydney CSC
643.3AUSS::GARSONDECcharity Program OfficeTue May 27 1997 20:399
    .2 is correct.
    
    At the highest level of classification the only fully DoD certified data
    erasure procedure is physical destruction of the media, probably
    preceded by pattern erasure for the truly paranoid (-:.
    
    re .0
    
    Perhaps you need to define what the actual requirements are.
643.4Unreliable and Unevaluated Declassification...XDELTA::HOFFMANSteve, OpenVMS EngineeringWed May 28 1997 10:1311
    
:>   I am aware of relatively few tools rated for storage declassification,
:>   and these tools are specific to a specific class of disks and/or tapes.
:    
:    I've got some tools rated for storage declassification - a 5lb sledge
:    hammer, tin of petrol and a box of matches ;-)

   Sorry John, add a forge to the list and slag the disk, and I might buy
   off that the disks are actually declassified -- without that, what you
   are proposing :-) won't degauss the media reliably.  (Seriously.)