Mercurial > hg > orthanc-book
comparison Sphinx/source/plugins/object-storage.rst @ 453:d44d61bdcd09
fix
author | Alain Mazy <alain@mazy.be> |
---|---|
date | Fri, 03 Jul 2020 13:05:41 +0200 |
parents | aef5c8b74381 |
children | a4ed4e883337 |
comparison
equal
deleted
inserted
replaced
452:aef5c8b74381 | 453:d44d61bdcd09 |
---|---|
163 Another advantage is that these packets of bytes might eventually not be considered as PHI anymore and eventually | 163 Another advantage is that these packets of bytes might eventually not be considered as PHI anymore and eventually |
164 help you meet your local regulations (Please check your local regulations). | 164 help you meet your local regulations (Please check your local regulations). |
165 | 165 |
166 However, note that, if you're running entirely in a cloud environment, your decryption keys will still | 166 However, note that, if you're running entirely in a cloud environment, your decryption keys will still |
167 be stored on the cloud infrastructure (VM disks - process RAM) and an attacker could still eventually gain access to this keys. | 167 be stored on the cloud infrastructure (VM disks - process RAM) and an attacker could still eventually gain access to this keys. |
168 Furthermore, in the scope of the `Cloud Act <https://en.wikipedia.org/wiki/CLOUD_Act>`__ , the cloud provider might still have | |
169 the possibility to retrieve your data and encryption key (while it will still be more complex than with standard encryption at rest). | |
170 | 168 |
171 If Orthanc is running in your infrastructure with the Index DB on your infrastructure, and files are store in the cloud, | 169 If Orthanc is running in your infrastructure with the Index DB on your infrastructure, and files are store in the cloud, |
172 the master keys will remain on your infrastructure only and there's no way the data stored in the cloud could be decrypted outside your infrastructure. | 170 the master keys will remain on your infrastructure only and there's no way the data stored in the cloud could be decrypted outside your infrastructure. |
173 | 171 |
174 Also note that, although the cloud providers also provide client-side encryption, we, as an open-source project, | 172 Also note that, although the cloud providers also provide client-side encryption, we, as an open-source project, |