to download - Secure Support - SafeNet

More documents

Recommendations

Info

Chapter 1IntroductionSecurity OverviewThere are a number of simple cryptographic terms mentioned throughout thismanual which the reader is required to understand. This section is intended as abrief overview of what these terms mean in the context of the ProtectFile product.In the field of cryptography, the term key refers to a value which is used to encryptdata using an algorithm. There are many different types of keys and algorithms.The term algorithm refers to a defined mathematical calculation that is used toencrypt, decrypt, or verify data using a key.Key ManagementKeys are used to protect or unlock data. It is important to correctly manage yourkeys in order to minimize the risk of compromise to your protected files. InProtectFile, key management is performed in software and, for the most part, anadministrator or user of ProtectFile does not need to know or perform any specialactions to manage their keys.ProtectFile Premium can be configured to operate in two different modes, eachusing a different type of key management. These are:Domain mode, which uses symmetric key managementPKI mode, which uses asymmetric key managementProtectFile Business uses symmetric key management.The following sections are presented as an overview to help explain the benefitsand disadvantages within each of the discussed key management environments. It isup to the individual to select which type of key management is considered best for aparticular application, or contact SafeNet Support for assistance.Symmetric Key ManagementSymmetric encryption systems (for example, DES) have been used in governmentand business applications for a long time. The encryption algorithm is published toallow independent and widespread analysis of the algorithms. The security of thesesystems depends on the security and strength of a secret key shared by sender andrecipient.2 © SafeNet, Inc.
Chapter 1IntroductionFigure 2 illustrates an example of two users who wish to access the same encrypteddata file under a symmetric key management system. For each pair of users, asecret key needs to be exchanged. Problems can arise within this environmentbecause the key must be present on each workstation in order for a user to accessencrypted data. This increases the probability of compromising the encryption key,and hence compromising all data secured by that key.An administrator has the responsibility for safeguarding the key and securelyinstalling the key on each system. Under a symmetric key management scheme,larger scale deployments are often inflexible and unworkable.Figure 2: Example of file encryption/decryption using symmetric keysAsymmetric Key Management (PKI Mode)An alternative solution to working with a symmetric system is to implement aPublic Key Infrastructure (PKI) system. The PKI system is based on asymmetrickey and cipher technology. Unlike its counterpart, the PKI system can be scaled tocover a large number of computer users with relative ease. Since PKI systems tendto be implemented on a larger scale, it is imperative to implement software thatenables key distribution to be efficiently managed.Figure 3 illustrates an example of two users who wish to access the same encrypteddata file under an asymmetric key management system. The general principleutilized in this system is that each user has two key values:A private value, which is never disclosed but used to decipher dataA public value, which is distributed to others and used to encipher data© SafeNet, Inc. 3
Page 5: Table of ContentsChapter 7 Registry
Page 10 and 11: Chapter 1IntroductionFigure 3: Exam
Page 12 and 13: Chapter 1IntroductionTHIS PAGE INTE
Page 14 and 15: Chapter 2InstallationProtectFile Pr
Page 16 and 17: Chapter 2Installation4. Fill in the
Page 18 and 19: Chapter 2Installation5. Select your
Page 20 and 21: Chapter 2Installation7. If you are
Page 22 and 23: Chapter 2Installation‣ Log in as
Page 24 and 25: Chapter 2InstallationEnter the loca
Page 26 and 27: Chapter 2InstallationStarting Prote
Page 28 and 29: Chapter 2InstallationUninstalling/U
Page 30 and 31: Chapter 2InstallationTHIS PAGE INTE
Page 32 and 33: Chapter 3Authentication MethodsPass
Page 34 and 35: Chapter 3Authentication MethodsWork
Page 36 and 37: Chapter 4AdministrationNOTEThe Show
Page 38 and 39: Chapter 4AdministrationUpdating You
Page 40 and 41: Chapter 4Administration3. Click Sav
Page 42 and 43: Chapter 4AdministrationBacking Up F
Page 44 and 45: Chapter 4AdministrationSleeping Dom
Page 46 and 47: Chapter 4AdministrationReference Ma
Page 48 and 49: Chapter 4AdministrationStand Alone
Page 50 and 51: Chapter 4AdministrationTHIS PAGE IN
Page 52 and 53: Chapter 5Advanced Domain Configurat
Page 54 and 55: Chapter 6Envelope Control Via Scrip
Page 56 and 57: Chapter 6Envelope Control Via Scrip
Page 58 and 59:
Chapter 6Envelope Control Via Scrip
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Chapter 7Registry SettingsSample Re
Page 68 and 69:
Chapter 7Registry SettingsCSP Regis
Page 70 and 71:
Chapter 7Registry SettingsAs a seco
Page 72 and 73:
Chapter 7Registry SettingsGINA Regi
Page 74 and 75:
Chapter 7Registry SettingsMigration
Page 76 and 77:
Chapter 7Registry SettingsMS PKI Co
Page 78 and 79:
Chapter 7Registry SettingsThe follo
Page 80 and 81:
Chapter 7Registry SettingsLdapUser
Page 82 and 83:
Chapter 7Registry SettingsThe searc
Page 84 and 85:
Chapter 7Registry SettingsPolicy Re
Page 86 and 87:
Chapter 7Registry SettingsValue Dat
Page 88 and 89:
Chapter 7Registry SettingsThree (3)
Page 90 and 91:
Chapter 7Registry SettingsDNEmailAt
Page 92 and 93:
Chapter 7Registry SettingsRemoveEnv
Page 94 and 95:
Chapter 7Registry SettingsDriver Re
Page 96 and 97:
Chapter 7Registry SettingsDisallowI
Page 98 and 99:
Chapter 7Registry SettingsThe DSA k
Page 100 and 101:
Chapter 7Registry SettingsADS_USE_E
Page 102 and 103:
Chapter 7Registry SettingsKey: HKLM
Page 104 and 105:
Chapter 7Registry SettingsKey: HKLM
Page 106 and 107:
Chapter 7Registry SettingsExample
Page 108 and 109:
Chapter 8Server ExtensionTHIS PAGE
Page 110 and 111:
Chapter 9Silent InstallationDefault
Page 112 and 113:
Silent Install.PasswordCSPMicrosoft
Page 114 and 115:
Silent Install.PasswordCSPMicrosoft
Page 116 and 117:
Chapter 9Silent InstallationTHIS PA
Page 118 and 119:
GlossaryDomain Administration Keyph
Page 120 and 121:
GlossaryUser PasswordWindows Regist
Page 122:
Appendix AProtectFile Scripting Exa
show all

to download - Secure Support - SafeNet

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?