Professional Documents
Culture Documents
• How to properly weigh the costs and benefits associated with these security
measures?
• How to compare the methods based on confidentiality, integrity, availability
and performance?
• What are the major differences between all the methods?
• What are the Specific applications of storage devices in the multimedia
environment?
This section briefly explains about common set of criteria for evaluating a storage
security system i.e. confidentiality, integrity, availability, and performance.
Confidentiality, integrity, and availability are commonly referred to in the computer
security arena, and performance was added to ensure systems achieve an
appropriate balance between security and processing ability.
Confidentiality
Ensuring confidentiality means that no one has access to data unless
specifically authorized. The first step in authorizing access to information is to
properly identify users via authentication. The storage system must define the
means for a user to be properly identified prior to gaining access, and then having
appropriately identified a user, the system must allow access to only specified data
associated with that user. The system must encrypt data and, therefore, requires
either users or servers to apply cryptographic keys. Determining how the keys are
managed has had a significant impact on the overall design. And also once the
system determines to revoke a particular user’s access, the user’s keys must no
longer work within the system, or at a minimum not allow access to future versions
of the files.