Storage

The Storage Work Group will build upon existing TCG technologies and philosophy, and focus on standards for security services on dedicated storage systems. One objective is to develop standards and practices for defining the same security services across dedicated storage controller interfaces, including but not limited to ATA, Serial ATA, SCSI, FibreChannel, USB Storage, IEEE 1394, Network Attached Storage (TCP/IP), and iSCSI. Storage systems include disk drives, removable media drives, flash storage, and multiple storage device systems.

 

TCG partners with SNIA-SSIF to further support secure storage standards.  

The SNIA Storage Security Industry Forum (SSIF), the place where security and storage meet, is a consortium of storage, security professionals, security practitioners, and academics - all dedicated to fulfilling the SNIA vision to:

 

Enhance information assurance and optimize security investments while maintaining present operational effectiveness in the disparate technologies and standards that work together to form storage ecosystems.

SSIF members collaborate to transform their vast body of knowledge and practical experiences in security and storage into high-quality educational, technical, and engineering activities that influence the design, use, and management of storage technologies to better protect and secure information. Our goal is to increase the overall knowledge and availability of robust security solutions in today's storage ecosystems and to provide data and information security expertise to contribute to a better understanding of information assurance and how it applies in the organization. More information is at www.snia.org/ssif.

What is the TCG Storage Specification?

The TCG Storage Workgroup has developed the TCG Storage Specification Overview and Core Architecture Specification as Version 1.0, Revision 0.9, which describes in detail how to implement and utilize trust and security services on storage devices. TCG is making it publicly available for critical review and analysis by the larger I.T., storage, and software application and end-user communities. Storage device developers can design trusted storage devices based on this Specification and application developers can examine how their applications might exploit trusted storage devices.

Why is the Specification being released as "Version 1.0, Revision 0.9 - draft"?

The TCG is following the usual practice with storage-related standards (such as SCSI and ATA) of releasing a version for wider industry review, before publishing a final version. This version of the Specification is complete, self-contained, and capable of being implemented, and was developed by our broad base of storage industry members. Vendors can begin to engineer products based on the Specification. If a vendor would like to contribute to the final Specification, we encourage that vendor to join TCG and to participate in the Storage Workgroup.

Who would use the Storage Specification?

There are two primary audiences for this Specification:

For storage device manufacturers, TCG's Specification provides the architecture for how to implement trust and security services on storage devices.

For platform-based application developers (ISVs), the Specification describes the interface to trust and security services on storage devices, so that the application can take advantage of such services.

Of course, the ultimate beneficiaries of the Storage Specification are the end-users who purchase and take advantage of the security-enhanced applications that will result from using the Specification.

Have you taken into account existing standards such as those for SCSI and ATA? How are you working with other standards bodies?

SCSI (T10) and ATA (T13) are ANSI/INCITS standards committees that input their standards to ISO and provide the interface standards for a great variety of storage devices, including USB-attached storage (i.e., SCSI command set). After interaction with TCG, T10 and T13 both have defined a Trusted Send (In) and Trusted Receive (Out) command set, which have subsequently been dually standardized. Trusted Send/Receive provides the "container" commands for specific "payload" security commands. The TCG Storage Specification provides the "payload" definition for the specific Protocol ID = TCG. Other Protocol IDs can be assigned to other protocol suites, as needed.

Additionally, the Storage Specification adopts other trust and security standards by reference, as appropriate (e.g., public key, cryptography, hashing).
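An added example, not taken from the TCG page or specification: a parser for the list of Protocol IDs that a device returns through the Trusted Receive container, used to check whether the device accepts TCG payloads. The response layout and the ID values (00h for discovery, 01h-06h for TCG, EEh, EFh) are assumptions drawn from the SCSI and ATA command standards, not from this page.

```python
import struct

# Assumption: the ID assignments below come from the SCSI/ATA command
# standards, not from this page, which only says an ID is assigned to TCG.
TCG_IDS = range(0x01, 0x07)  # 01h-06h: payload defined by TCG
OTHER_IDS = {
    0x00: "security protocol information (discovery)",
    0xEE: "IEEE 1667",
    0xEF: "ATA device server password security",
}


def parse_supported_protocols(buf):
    """Return the Protocol IDs listed in a protocol-00h discovery response."""
    if len(buf) < 8:
        raise ValueError("response shorter than the 8-byte header")
    # Bytes 0-5 are reserved; bytes 6-7 hold the list length, big-endian.
    (count,) = struct.unpack_from(">H", buf, 6)
    if 8 + count > len(buf):
        raise ValueError("list length exceeds the returned data")
    return list(buf[8:8 + count])


def describe(protocol_id):
    """Name the owner of a Protocol ID, as far as this example knows it."""
    if protocol_id in TCG_IDS:
        return "TCG"
    return OTHER_IDS.get(protocol_id, "other or reserved")


def supports_tcg(buf):
    """True when at least one advertised Protocol ID carries TCG payloads."""
    return any(pid in TCG_IDS for pid in parse_supported_protocols(buf))


# Constructed sample: a 512-byte response advertising 00h, 01h, 02h and EEh.
SAMPLE = bytes(6) + struct.pack(">H", 4) + bytes([0x00, 0x01, 0x02, 0xEE]) + bytes(500)
# Constructed sample: a device that only answers the discovery protocol.
NO_TCG = bytes(6) + struct.pack(">H", 1) + bytes([0x00]) + bytes(503)

if __name__ == "__main__":
    for pid in parse_supported_protocols(SAMPLE):
        print(f"{pid:02X}h  {describe(pid)}")
    print("TCG payloads accepted:", supports_tcg(SAMPLE))
```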

What does this Storage Specification enable?

The Specification enables platform-based applications to take advantage of trust and security services provided by "trusted" storage devices.

What are examples of trust and security services detailed in the Storage Specification?

The Specification enables applications to take advantage of a number of trust and security services on a storage device:
Cryptography
Public key cryptography and digital signature
Hashing functions
Random number generation (RNG)
Secure storage

Is the Storage Specification complete? Will there be later versions?

The Specification is complete, but is being released as a Version 1.0, Revision 0.9 - draft. Even though all the major hard drive manufacturers and a number of flash, optical, and tape manufacturers have been working together to develop this Specification, we are providing this version to the larger I.T., storage, software application and end-user communities. If a vendor would like to contribute to the final Specification, due in the near future, we encourage that vendor to join TCG and to participate in the Storage Workgroup. However, ISVs and storage device manufacturers can begin to devise implementations based on this version of the Specification now.

Will products created using today’s Storage Specification work with those based on later versions?

Yes; any enhancements and additions should be upward compatible or require minimal changes.

Will products based on the Storage Specification work in today’s PC architectures?

Yes; the Storage Specification targets applications running on either PC or server platforms and therefore takes advantage of and is compatible with PC and server architectures.

What change of behavior is required from IT managers to use products based on the Storage Specification?

Traditionally, storage devices have been viewed as "simply" storage. However, storage devices can have powerful computing systems on board and lots of available memory, all protected behind a tightly closed and access-controlled environment, largely immune to the vulnerabilities of the operating system-based platform itself (e.g., viruses). And, the data is on the storage device. Why not put the security functions related to data protection directly on the device housing the data?

TCG and its members believe that IT managers will appreciate the advantages of pairing security and data storage in the same device.