[AG-TECH] Encryption of Access Grid 2.x Sessions
Jennifer Teig von Hoffman
jtvh at bu.edu
Wed Jan 21 12:00:57 CST 2004
I believe that encryption is turned off for the rooms on the TVS, since
otherwise AG1.x nodes wouldn't be able to see/hear the 2.x nodes.
- Jennifer
Robert Olson wrote:
> At 10:03 AM 1/21/2004, Allan Spale wrote:
>
>> Thanks for the information and your prompt reply. Do you know which of
>> the ANL virtual venues are encrypted? Also, are ANL instutional rooms
>> encrypted and would each institution have control over that?
>
>
> In the ag1 venue server, only the rooms named "Secure Room" and
> "Secure2" have encryption enabled (well, the Encryption Test Room does
> too but it doesn't have access control turned on); they are available
> for reservation.
>
> In an ag2 venue server, I believe that encryption is on by default; I
> don't recall the key-changing policiy offhand. You will want to ensure
> the encryption keys there are of the form Rijndael/<key> in order to
> ensure that AES/Rijndael encryption is used in the tools, and that they
> have been freshly generated.
>
> Essential for the security you're looking for is the proper
> configuration of access control to the encrypted venues; without that
> everyone is just given the keys upon entry.
>
> You need to also make sure of physical security on the computers
> involved, as well as restriction of remote access to them (if one had
> access to a media capture machine, there may be windows of time where
> the key was visible in a temp file; if one had root access on a capture
> machine one could likely find the key in memory).
>
> --bob
More information about the ag-tech
mailing list