<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<p>Yeah, that's what we were surmising. But paranoia and compliance
being what it is we were curious what others were doing.</p>
<p>-Paul Edmon-<br>
</p>
<div class="moz-cite-prefix">On 9/29/2021 10:32 AM, Renfro, Michael
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:BN7PR07MB43881193C791E61D96780AE0A2A99@BN7PR07MB4388.namprd07.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style>@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}div.WordSection1
{page:WordSection1;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">I have to wonder if the intent of the DUA
is to keep physical media from winding up in the wrong hands.
If so, if the servers hosting the parallel filesystem (or a
normal single file server) is physically secured in a data
center, and the drives are destroyed on decommissioning, that
might satisfy the requirements.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span
style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">Beowulf
<a class="moz-txt-link-rfc2396E" href="mailto:beowulf-bounces@beowulf.org"><beowulf-bounces@beowulf.org></a> on behalf of Paul
Edmon via Beowulf <a class="moz-txt-link-rfc2396E" href="mailto:beowulf@beowulf.org"><beowulf@beowulf.org></a><br>
<b>Date: </b>Wednesday, September 29, 2021 at 9:15 AM<br>
<b>To: </b>Scott Atchley
<a class="moz-txt-link-rfc2396E" href="mailto:e.scott.atchley@gmail.com"><e.scott.atchley@gmail.com></a><br>
<b>Cc: </b>Beowulf Mailing List
<a class="moz-txt-link-rfc2396E" href="mailto:beowulf@beowulf.org"><beowulf@beowulf.org></a><br>
<b>Subject: </b>Re: [Beowulf] Data Destruction<o:p></o:p></span></p>
</div>
<p style="margin:0in;text-align:center;background:white"
align="center"><b><span
style="font-size:12.0pt;color:red;background:white">External
Email Warning</span></b><o:p></o:p></p>
<p
style="mso-margin-top-alt:0in;margin-right:12.0pt;margin-bottom:0in;margin-left:12.0pt;text-align:center;background:white"
align="center">
<b><span style="font-size:12.0pt;color:red">This email
originated from outside the university. Please use caution
when opening attachments, clicking links, or responding to
requests.</span></b><o:p></o:p></p>
<div class="MsoNormal" style="text-align:center" align="center">
<hr width="100%" size="0" align="center">
</div>
<div>
<p>The former. We are curious how to selectively delete data
from a parallel filesystem. For example we commonly use
Lustre, ceph, and Isilon in our environment. That said if
other types allow for easier destruction of selective data
we would be interested in hearing about it.<o:p></o:p></p>
<p>-Paul Edmon-<o:p></o:p></p>
<div>
<p class="MsoNormal">On 9/29/2021 10:06 AM, Scott Atchley
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">Are you asking about selectively
deleting data from a parallel file system (PFS) or
destroying drives after removal from the system either
due to failure or system decommissioning?
<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">For the latter, DOE does not allow
us to send any non-volatile media offsite once it has
had user data on it. When we are done with drives, we
have a very big shredder.<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">On Wed, Sep 29, 2021 at 9:59 AM
Paul Edmon via Beowulf <<a
href="mailto:beowulf@beowulf.org"
moz-do-not-send="true">beowulf@beowulf.org</a>>
wrote:<o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC
1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-right:0in">
<p class="MsoNormal">Occassionally we get DUA (Data Use
Agreement) requests for sensitive
<br>
data that require data destruction (e.g. NIST 800-88).
We've been <br>
struggling with how to handle this in an era of
distributed filesystems <br>
and disks. We were curious how other people handle
requests like this? <br>
What types of filesystems to people generally use for
this and how do <br>
people ensure destruction? Do these types of DUA's
preclude certain <br>
storage technologies from consideration or are there
creative ways to <br>
comply using more common scalable filesystems?<br>
<br>
Thanks in advance for the info.<br>
<br>
-Paul Edmon-<br>
<br>
_______________________________________________<br>
Beowulf mailing list, <a
href="mailto:Beowulf@beowulf.org" target="_blank"
moz-do-not-send="true">Beowulf@beowulf.org</a>
sponsored by Penguin Computing<br>
To change your subscription (digest mode or
unsubscribe) visit <a
href="https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbeowulf.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fbeowulf&data=04%7C01%7CRenfro%40tntech.edu%7Ce4b070f6b37645adf15808d983539bba%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637685217402282601%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6Nz8oMRsE%2BwUZuaarhTWXAZ8ThB7zWUHJz%2BmVCo2bp4%3D&reserved=0"
target="_blank" moz-do-not-send="true">
https://beowulf.org/cgi-bin/mailman/listinfo/beowulf</a><o:p></o:p></p>
</blockquote>
</div>
</blockquote>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Beowulf mailing list, <a class="moz-txt-link-abbreviated" href="mailto:Beowulf@beowulf.org">Beowulf@beowulf.org</a> sponsored by Penguin Computing
To change your subscription (digest mode or unsubscribe) visit <a class="moz-txt-link-freetext" href="https://beowulf.org/cgi-bin/mailman/listinfo/beowulf">https://beowulf.org/cgi-bin/mailman/listinfo/beowulf</a>
</pre>
</blockquote>
</body>
</html>