Log-in | en

Project Name: ZFS Encrypted Datasets PSARC 2007/261

Project Summary:

This project will provide on disk encryption/decryption support for ZFS datasets.
The project will cover the addition of encryption and decryption to the ZFS IO
pipeline and the key management for ZFS datasets.

It will deliver in multiple phases to support different key management strategies
including one which provides support for secure deletion based on encrypted
datasets.

Phase deliverables:

Phase 1

  • Per dataset policy for enabling encryption, including algorithm and key length.
  • Per dataset keys wrapped by single per pool key
  • Pool key from passphrase using PKCS#5 PBE
  • Pool key stored in PKCS#11 token
  • Zone / TX Label key management delegation (dataset keys only)
  • Per user key management (dataset keys only)
  • Secure Deletion (by delete & pool key change)

Dependences:

Any bug marked with the zfs-crypto keyword is a dependency.

Bugs marked zfs-crypto

Phase 1 High Level Schedule:

Milestone Start Complete 
 Proof Concept  Available  Completed 
 Alpha Release  Q3CY07  Released 
 Available on  OpenSolaris  Q4CY09               
last modified by admin on 2009/10/26 12:18
 
Collectives
Project

Subsites
Code Reviews
Code Repositories
Package Search
Bugster
Bugzilla
Test Machines
Planet
Mailing Lists
Elections & Polls
ARC Case Logs
Source Juicer
Package Factory
User Authentication
Project zfs-crypto Pages

© Sun Microsystems Inc. 2009
XWiki Enterprise 1.8.2.19075 - Documentation
Terms Of Use | Privacy | Trademarks | Copyright Policy | Site Guidelines | Site map | Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.