Trusted Computing Group Closes In on Storage Protection

By Brian Fonseca  |  Posted 2006-02-14

TCG shares seven new application use cases for its upcoming trusted storage framework.

The Trusted Computing Group is one step closer to encrypting and protecting peripheral storage devices such as hard drives, flash memory drives, digital tape drives, and optical drives from misuse or tampering, by introducing seven new application use cases surrounding its imminent framework for trusted storage. Use case documents are now available on the TCG Web site outlining the new trusted storage specification, which was unveiled at the RSA Conference in San Jose, Calif., on Feb. 13. The use case documents include: Enrollment and Collection, to define host-to-storage-device and storage-device-to-host mating; Protected Storage; Locking and Encryption, which can store data at rest; Logging, for forensic capabilities and time-stamping of activity; Cryptographic Services; Authorizing Storage Device Feature Sets to Hosts, for secure and exclusive use; and Secure Download of Firmware.
The use cases fall into three broad categories: They feature the trusted attachment of storage devices to their hosts, policy-driven secure control over storage device features such as storage locations and storage encryption, and secure session-oriented messaging of those types of controls toward storage devices.

In addition, the new documents go into detail about TCG's proposed T10 SCSI and T13 ATA commands. The commands are designed to support storage device security control interfaces, said Michael Willett, senior director of Research and Security for Seagate Technology, and co-chair of the TCG Storage Work Group, based in Portland, Ore. Willett said SCSI and ATA protocols were chosen to serve as the trusted send and trusted receive command interfaces because they are the predominant command-set interfaces to hard drives and can share the same HD architecture.

The TCG Trusted Storage specification will be finished in March and should be available by mid-2006. A who's who of large HD manufacturers, tape drive manufacturers, and flash drive manufacturers is helping to co-develop the fledgling storage specification.

TCG TPMs (Trusted Platform Modules) are a key part of the TCG Storage Workgroup's push to extend the trust boundary from permanent peripheral storage units or hard drives into trusted computing host platforms. These small, dedicated processor flash storage devices, which ship in hosts today, provide a root of trust for their hosts. By utilizing the TPM hidden memory in storage devices, Willett said, the TCG is able to set up multiple separate security partitions within a drive. Each of these partitions will feature its own functional definition, which can be assigned to an external host application, with a secure protocol assigned between the two.

For instance, this could be used to secure an in-house health care or financial application to outside partners and hosts, he said.

Brian Fonseca is a senior writer at eWEEK who covers database, data management and storage management software, as well as storage hardware. He works out of eWEEK's Woburn, Mass., office. Prior to joining eWEEK, Brian spent four years at InfoWorld as the publication's security reporter. He also covered services, and systems management. Before becoming an IT journalist, Brian worked as a beat reporter for The Herald News in Fall River, Mass., and cut his teeth in the news business as a sports and news producer for Channel 12-WPRI/Fox 64-WNAC in Providence, RI. Brian holds a B.A. in Communications from the University of Massachusetts Amherst.
