CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
February 2nd, 2009

Universal Storage Standard Announced By Trusted Computing Group

Trusted Computing Storage Work Group reports the success of a major work effort to unite secure data storage standards. That effort has been intensive and has actively engaged the entire storage industry over the last four years, from all six hard drive vendors (Fujitsu, Hitachi GST, Seagate Technology, Samsung, Toshiba and Western Digital) to tape, optical, and flash storage device manufacturers.

The last frontier of securing data throughout its life cycle is to secure stored data. The I.T. security community has been occupied with securing data in transit, over networks and through applications, yet data spends most of its useful life in storage, as data at “rest”.

The archetypal use case is when stored data leaves the control of the owner, as when a laptop is lost or stolen, or a data center drive leaves the protection of the data center to be repaired, returned on contract or warranty, or for end-of-life. In these cases, sensitive or personal data is exposed. For this use case, the trusted storage specifications define the concept of self-encrypting storage (SES), in which the hardware circuitry for encryption and decryption is integrated directly into the on-board storage electronics. Everything written to storage is encrypted and everything read from storage is decrypted, at full channel speeds.

The specifications further define a standardized way to securely manage SES, including SES locking, which allows access by only authorized users. A valuable advantage of SES is that, by deleting the on-board encryption key, the storage system is instantly ‘sanitized’; e.g., the data is no longer available. This “rapid erase” capability simplifies re-purposing and end-of-life for a storage device.

The Core Architecture specification (Revision 0.9) was published over a year ago in order to give the larger storage community an opportunity to analyze the architecture and underlying security function set for trusted storage. The recent focus of the Storage Work Group has been on defining Security Subsystem Classes (SSC) and finalizing Revision 1.0 of the Core Architecture. The TCG Storage specifications can be found at https://www.trustedcomputinggroup.org/specs/Storage.

The current fanfare is over the publication of three new specifications: an Enterprise SSC (e.g., data center storage), a workstation SSC (called OPAL, to suggest the “precious” nature of the specification to the world of stolen laptops), and a Storage Interface Interactions specification (SIIF). The SIIF specification deals with the nuances of the interaction of trusted storage with the traditional storage interfaces (e.g., SCSI and ATA). Already, products satisfying the SSCs are being introduced to the market.

The soon-to-be published Revision 1.0 of the Core Architecture will be the crowning achievement of the Storage Work Group. The storage industry owes a debt of technical gratitude to the volunteers who labored to bring this level of standardization and cross-industry cooperation to the rapidly growing necessity for trusted storage.

Credit: Michael Willett and Robert Thibadeau, Seagate Technology, Trusted Computing Group

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn

More on CyberInsecure:
  • University Of Utah Hospitals & Clinics Stolen Backup Tape Contained 2.2 Million Billing Records
  • DivShare Online Storage Breached, Basic Members Data Accessed By Hacker
  • IBM’s New USB-based Device Might Allow Safer Online Banking
  • Computers With Internet Explorer And Google Chrome Installed Are At Risk
  • Bank Of NY Mellon Corporation Loses Clients Details Backup Tapes

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Universal Storage Standard Announced By Trusted Computing Group

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.