Encryption and a local read-only cache (LROC) device

IBM Spectrum Scale holds the data of encrypted files in memory as cleartext. To support this design, it decrypts the data of an encrypted file as that data is read from disk into memory and encrypts the data again as it is written back into the encrypted file. Encryption therefore protects data at rest on the file system's disks, not data that has been staged into memory or into any cache that sits between memory and those disks.

By default, IBM Spectrum Scale does not copy cleartext from encrypted files into an LROC device. Doing so would create a security exposure: LROC device storage is non-volatile, so an attacker who removes the LROC device from the system can read the cleartext at some other location, without needing any file encryption key.

To allow cleartext from an encrypted file to be copied into an LROC device, issue the mmchconfig command with the attribute LROCEnableStoringClearText=yes. You might choose this option if you have configured your system in some way that removes the security exposure, for example by installing an LROC device that internally encrypts data written to it and decrypts data read from it. Unless you restrict the change to particular nodes with the -N option, the attribute applies to every node in the cluster, so verify the effective value with mmlsconfig after you change it. Before enabling the attribute, read the following warning.
Warning: If you allow cleartext from an encrypted file to be copied into an LROC device, you must take steps to protect the cleartext while it is in LROC storage. One method is to install an LROC storage device that internally encrypts data that is written into it and decrypts data that is read from it. However, be aware that a device of this type voids the IBM Spectrum Scale secure deletion guarantee, because IBM Spectrum Scale does not manage the encryption key for the device: the cleartext cached on the device is protected only by the device's own key, which IBM Spectrum Scale neither controls nor destroys when a file is securely deleted.
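The following audit helper is an added example, not part of IBM Spectrum Scale or of this documentation. It reads the output of mmlsconfig, reports the effective cluster-wide value of LROCEnableStoringClearText and any node-scoped override that turns it on, and prints the mmchconfig command that restores the default. It assumes (this is not stated on the page) that mmlsconfig prints the attribute as "LROCEnableStoringClearText <value>", that node-scoped overrides appear under a "[nodename]" header while cluster-wide values appear at the top or under "[common]", and that an unset attribute means the documented default of no.

```shell
#!/bin/sh
# Added audit helper for the LROC cleartext setting (not IBM-supplied code).
# Assumed mmlsconfig output format: "<attribute> <value>" lines, with
# "[nodename]" headers introducing per-node overrides and "[common]" (or no
# header at all) introducing cluster-wide values. Unset means the default "no".

# Read mmlsconfig output on stdin; print the effective cluster-wide value
# ("yes" or "no") of LROCEnableStoringClearText.
lroc_cleartext_state() {
    awk '
        /^\[/ { scope = $0; next }                       # "[common]" or "[node]" header
        $1 == "LROCEnableStoringClearText" && (scope == "" || scope == "[common]") {
            v = tolower($2)
        }
        END { print (v == "" ? "no" : v) }
    '
}

# Read mmlsconfig output on stdin; print each node scope whose override
# sets LROCEnableStoringClearText to yes, one per line.
lroc_cleartext_overrides() {
    awk '
        /^\[/ { scope = $0; next }
        $1 == "LROCEnableStoringClearText" && scope != "" && scope != "[common]" \
            && tolower($2) == "yes" { print scope }
    '
}

# Run the real command on a cluster node and report. Returns 0 when the
# default (no) is in effect everywhere, 1 when cleartext caching is enabled
# anywhere, 2 when mmlsconfig cannot be run.
audit_lroc() {
    out=$(mmlsconfig LROCEnableStoringClearText 2>/dev/null) || {
        echo "mmlsconfig failed; run this on a cluster node as root" >&2
        return 2
    }
    state=$(printf '%s\n' "$out" | lroc_cleartext_state)
    overrides=$(printf '%s\n' "$out" | lroc_cleartext_overrides)
    if [ "$state" = "no" ] && [ -z "$overrides" ]; then
        echo "OK: cleartext from encrypted files is not staged into LROC"
        return 0
    fi
    echo "WARNING: cleartext from encrypted files may be staged into LROC"
    [ "$state" = "yes" ] && echo "  cluster-wide: LROCEnableStoringClearText=yes"
    [ -n "$overrides" ] && printf '  node override: %s\n' $overrides
    echo "  LROC devices must be self-encrypting; secure deletion guarantee is void"
    echo "  to revert: mmchconfig LROCEnableStoringClearText=no"
    return 1
}

# Only audit when invoked explicitly, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then
    audit_lroc
fi
```

Run it as `sh lroc_audit.sh --audit` on a node where the mm commands are on the PATH; a non-zero exit status signals that cleartext caching is enabled somewhere in the cluster, which makes the script usable from a configuration-compliance job.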
For more information, see the following links: