Andreas Almroth, 15.10.2009 12:32:
> This also leads me to think about earlier discussion regarding encryption. Would
> MySQL backup kernel want to keep a fully working Key Management System (KMS) in order to
> use right keys. KMS is a very complex system, managing many keys such as current,
> not-in-use, expired, deleted etc. I again think it would be better to leave it to the BSM
> to implement encryption and KMS. If we look at NetBackup it supports compression,
> encryption on client side, but also de-duplication when going to OST storage. NetBackup
> also support KMS and AES256 encryption when storing on supported tape drives (LTO4 and Sun
> StorageTek T10000).
If these things are provided by the back ends and we just need to turn
them on and off, then it is fine. My idea concerning this is to request
specific algorithms through the "location string".
OTOH, if compression and/or encryption is to be implemented, then it's
better to do it in the backup core so that all storage modules can
profit from them.
BTW, I'm still working on my own comments on the HLS. Please stay tuned.
Ingo Strüwing, Database Group
Sun Microsystems GmbH, Sonnenallee 1, D-85551 Kirchheim-Heimstetten
Geschäftsführer: Thomas Schröder, Wolfgang Engels, Wolf Frenkel
Vorsitzender des Aufsichtsrates: Martin Häring HRB München 161028