Data integrity and security

HCP includes many features specifically designed to protect the integrity and ensure the security of stored data:

  • Write-once, read-many (WORM) storage

    After the data for an object is stored in the repository, HCP prevents that data from being modified or overwritten.

  • Node login prevention

    HCP does not allow system-console logins on its nodes. This provides a basic level of protection not only for the stored data but also for the system software.

  • Secure Sockets Layer (SSL)

    HCP can use SSL to ensure the privacy of HTTP and WebDAV access to namespaces. It always uses SSL to secure the Management and Search Consoles. Additionally, use of the HCP management API requires SSL.

  • Content Verification service

    Each object has a cryptographic hash value that’s calculated from the object data. The Content Verification service ensures the integrity of each object by periodically checking that its data still matches its hash value.

  • Scavenging service

    The Scavenging service protects namespaces from the loss of system metadata. If the service encounters an object with invalid metadata, it restores the correct metadata by using a copy from another location.

  • Retention policy

    Each object has a retention setting that specifies how long the object must remain in the repository before it can be deleted; this duration is called the retention period. HCP ensures that objects are kept until their retention periods expire. The only exception to this behavior occurs in namespaces in enterprise mode. In these namespaces, users with explicit permission to do so can delete objects that are under retention. Such deletions are recorded in the tenant log.

  • Shredding policy

    Objects can be marked for shredding. When such an object is deleted, HCP overwrites its storage location in such a way as to completely remove any trace that the object was there.

  • Data access authentication

    The HTTP, S3-compatible, HSwift, WebDAV, and CIFS protocols can be configured to require authentication for access to an HCP namespace. If these are the only protocols enabled for the namespace, users and applications must present valid credentials for access to the namespace content. HCP supports both local and remote authentication methods. For remote authentication, HCP supports Windows Active Directory® and RADIUS.

  • Data access permission masks

    Data access permissions determine which operations a user or application can perform on the objects in an HCP namespace. These permissions can be:

    • Associated with a tenant-level user or group account, in which case they apply to all objects in the namespace
    • Specified in the namespace configuration as the minimum permissions for authenticated or unauthenticated users, in which case they apply to all objects in the namespace
    • Specified in an ACL, in which case they apply to the individual object for which the ACL is defined

  • Virtual networking

    Virtual networking is a technology that enables you to define multiple logical networks over which clients can communicate with HCP. You can assign different networks to different tenants, thereby segregating network traffic to and from the namespaces owned by one tenant from network traffic to and from the namespaces owned by other tenants. This segregation enhances the privacy and security of data transmitted between clients and the HCP system.