LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 05-06-2009, 09:37 AM   #1
SteveInTallyFL
Member
 
Registered: May 2008
Location: Tallahassee, FL
Distribution: RHEL4, RHEL 5, OEL4, OEL5
Posts: 58

Rep: Reputation: 17
Question Securing Data for Transmission: HIPAA and FERPA compliance


We have to implement a facility to provide download capability of files to a limited group of clients. The information in the files is subject to HIPAA and FERPA guidelines. We will be using SFTP, but want to go further. We want to encrypt the files themselves at 128-bit or higher and password protect them before we put them up for transmission. Our site and sources are RHEL 4 and 5 servers. Our clients will be a mix of WinXP, Mac osX, and Linux. We do not want to have to purchase/maintain digital signature certificates. We do want to be able to script the encryption and password assignment on the files. We want our clients to have to provide a password to open the file once received.

Is there a single-source, multi-platform solution for accomplishing this scenario? Is single-source necessary? Are purchased products necessary?
 
Old 05-06-2009, 10:26 AM   #2
*******
Member
 
Registered: Feb 2009
Posts: 63

Rep: Reputation: 16
GnuPG works on all platforms mentioned. That's not the problem. It's the scripting of passphrases. That definately does not comply with common sense, any Best Practices let alone official standards...
 
Old 05-06-2009, 11:54 AM   #3
SteveInTallyFL
Member
 
Registered: May 2008
Location: Tallahassee, FL
Distribution: RHEL4, RHEL 5, OEL4, OEL5
Posts: 58

Original Poster
Rep: Reputation: 17
Sometimes the file will be generated by an application from database sources. The output file will need to be encrypted and password protected before put up for transmission. We would want to script a password generation algorithm and then assign the generated password to the file. We are NOT talking about putting a password into a script.
 
Old 05-07-2009, 12:30 PM   #4
*******
Member
 
Registered: Feb 2009
Posts: 63

Rep: Reputation: 16
Encoding with OpenSSL work on all platforms mentioned too. Might be easier.
 
  


Reply

Tags
rhel, secure, tools


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Using gpg to comply with HIPAA xri Linux - Software 1 03-17-2009 10:41 PM
faulty transmission of 100 kb data using TCP/IP protocol NancyT Programming 6 01-28-2009 01:07 AM
LXer: Web Input - Securing Data, Second Level of Defense LXer Syndicated Linux News 0 06-04-2008 03:00 PM
Secure data transmission introuble Programming 10 04-27-2007 02:31 AM
Data Rate transmission discrepancy suggesting hijack drmjh Linux - Security 13 03-23-2007 04:29 PM


All times are GMT -5. The time now is 01:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration