Hey guys! Let's discuss Location Based Cryptography in this thread.

It is similar to any other cryptography, but the difference is that it restricts the location of data decryption. It is effective and practical for data transmission in a mobile environment.

    Restricts the location of data decryption?? What do you mean by this sentence? Could you please elaborate?
  • mihaidobos

    I think he meant that if your drive is encrypted, the security policy can be enforced so that you can't decrypt information on any target. So if you work for company XYZ, they will allow you to decrypt the information only to a USB mass storage device that contains a certificate (or based on device UID). Practically, it's a form of enforcing data loss prevention policies in order to avoid people getting confidential information in clear text onto their own storage environment.

    This can be done (from my experience) with the following technologies:
    - McAfee Endpoint Encryption (Disk + removable media)
    - PGP (Now owned by SYM) or Symantec Endpoint Encryption
    - Different systems of Data Loss Prevention that can enforce conditional (content-aware) encryption based on confidentiality policies; I tested Symantec's system that can deliver this function in 11.0 together with PGP/SEE.

    Overall this is a good enforcement on a security policy but it's somehow difficult to implement due to the high number of different target devices. For the best result I would bet on cutting down access completely on storage targets (USBSTOR\*) for most of the employees and enforce document exchange only through media that can be audited (e.g. SharePoint, email, etc.)

    *Unless he means something related to cryptography as an algorithm/application not a security feature/policy. 😀

  • Igneta D'Souza
    In order to meet the demand of mobile users in the future, a location-dependent approach, called location-dependent data encryption algorithm (LDEA), is proposed. A target latitude/longitude coordinate is determined first. The coordinate is incorporated with a random key for data encryption. The receiver can only decrypt the ciphertext when the coordinate acquired from the GPS receiver is matched with the target coordinate.
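
The location-dependent scheme described in the post above, sketched as an added example that is not code from this thread or from the LDEA proposal. Assumptions: the coordinate is quantised to a 1/10000-degree grid and mixed into the random key with HMAC-SHA256, a SHAKE-256 keystream with encrypt-then-MAC stands in for a real cipher, and the coordinates are constructed sample values.

```python
import hashlib, hmac, secrets

GRID = 10_000  # cells of 1/10000 degree, roughly 11 m of latitude (assumed tolerance)

def location_key(random_key: bytes, lat: float, lon: float) -> bytes:
    """Mix the quantised target coordinate into the random key."""
    # Fixes near a cell edge can round into the neighbouring cell; a real
    # design needs an explicit tolerance rule.
    cell = f"{round(lat * GRID)},{round(lon * GRID)}".encode()
    return hmac.new(random_key, b"loc|" + cell, hashlib.sha256).digest()

def _subkeys(random_key, lat, lon):
    # Separate encryption and MAC keys derived from the location-bound key.
    k = location_key(random_key, lat, lon)
    return (hmac.new(k, b"enc", hashlib.sha256).digest(),
            hmac.new(k, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key, nonce, data):
    # Stand-in cipher for the demo: SHAKE-256 keystream XORed with the data.
    stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(random_key, target_lat, target_lon, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(random_key, target_lat, target_lon)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(random_key, gps_lat, gps_lon, blob: bytes):
    """Return the plaintext, or None when the key or coordinate does not match."""
    if len(blob) < 48:  # 16-byte nonce + 32-byte tag
        return None
    enc_key, mac_key = _subkeys(random_key, gps_lat, gps_lon)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong location or wrong key: refuse instead of emitting garbage
    return _xor_stream(enc_key, nonce, ct)

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # the random key, shared out of band
    blob = encrypt(key, 25.0330, 121.5654, b"quarterly figures")  # constructed sample
    print(decrypt(key, 25.03302, 121.56541, blob))  # GPS fix inside the target cell
    print(decrypt(key, 25.0340, 121.5654, blob))    # GPS fix about 110 m north
```

A coordinate has little entropy and the receiver's software decides which GPS fix it trusts, so confidentiality here rests on the random key. The coordinate only narrows where that key is usable.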

