Encrypted Volume and File System v2.0 Administrator Guide HP-UX 11i v3
1 Overview
HP-UX Encrypted Volume and File System (EVFS) is an application-transparent technology providing
protection of data at rest.
With EVFS, critical files and data at rest (on disk) are stored in encrypted form on disk. EVFS
safeguards against compromised use of and unauthorized access to data due to physical theft of
storage devices. The data encryption is based on a secret-key cryptosystem and runs as an integrated
kernel service transparent to the user.
With HP-UX EVFS, disks and volumes can be configured to be used in one of two modes:
volume-level encryption (EVS) or file-level encryption (EFS).
NOTE:
• EVS is supported with HP-UX 11i v2 update 2 and later.
• EFS is supported with HP-UX 11i v3 and later.
• You can use a volume or a disk for either EFS or EVS, but not both.
This chapter discusses the following topics:
• “EVFS architecture” (page 13)
• “Features and benefits” (page 14)
• “Supported software” (page 15)
• “Product limitations and precautions” (page 17)
EVFS architecture
Figure 1 shows the EVFS architecture. It illustrates how the encryption is done for the data that is
stored in volume (EVS) and files (EFS).
EVFS architecture 13