comparison Sphinx/source/plugins/object-storage.rst @ 453:d44d61bdcd09

fix
author Alain Mazy <alain@mazy.be>
date Fri, 03 Jul 2020 13:05:41 +0200
parents aef5c8b74381
children a4ed4e883337
comparison
equal deleted inserted replaced
452:aef5c8b74381 453:d44d61bdcd09
163 Another advantage is that these packets of bytes might eventually not be considered as PHI anymore and eventually 163 Another advantage is that these packets of bytes might eventually not be considered as PHI anymore and eventually
164 help you meet your local regulations (Please check your local regulations). 164 help you meet your local regulations (Please check your local regulations).
165 165
166 However, note that, if you're running entirely in a cloud environment, your decryption keys will still 166 However, note that, if you're running entirely in a cloud environment, your decryption keys will still
167 be stored on the cloud infrastructure (VM disks - process RAM) and an attacker could still eventually gain access to this keys. 167 be stored on the cloud infrastructure (VM disks - process RAM) and an attacker could still eventually gain access to this keys.
168 Furthermore, in the scope of the `Cloud Act <https://en.wikipedia.org/wiki/CLOUD_Act>`__ , the cloud provider might still have
169 the possibility to retrieve your data and encryption key (while it will still be more complex than with standard encryption at rest).
170 168
171 If Orthanc is running in your infrastructure with the Index DB on your infrastructure, and files are store in the cloud, 169 If Orthanc is running in your infrastructure with the Index DB on your infrastructure, and files are store in the cloud,
172 the master keys will remain on your infrastructure only and there's no way the data stored in the cloud could be decrypted outside your infrastructure. 170 the master keys will remain on your infrastructure only and there's no way the data stored in the cloud could be decrypted outside your infrastructure.
173 171
174 Also note that, although the cloud providers also provide client-side encryption, we, as an open-source project, 172 Also note that, although the cloud providers also provide client-side encryption, we, as an open-source project,