Join Now
Interested companies are encouraged to review the Benefits of Membership and apply today!
Join NowGlossary
Unfamiliar with a term used in this section? Check the TCG Glossary of TechnicalTerms for the definition.
View Glossary
Storage
The Storage Work Group will build upon existing TCG technologies and philosophy, and focus on standards for security services on dedicated storage systems. One objective is to develop standards and practices for defining the same security services across dedicated storage controller interfaces, including but not limited to ATA, Serial ATA, SCSI, FibreChannel, USB Storage, IEEE 1394, Network Attached Storage (TCP/IP), and iSCSI. Storage systems include disk drives, removable media drives, flash storage, and multiple storage device systems.
TCG partners with SNIA-SSIF to further support secure storage standards.
The SNIA Storage Security Industry Forum (SSIF), the place where security and storage meet, is a consortium of storage, security professionals, security practitioners, and academics - all dedicated to fulfill the SNIA vision to:
Enhance information assurance and optimize security investments while maintaining present operational effectiveness in the disparate technologies and standards that work together to form storage ecosystems.
SSIF members collaborate to transform their vast body of knowledge and practical experiences in security and storage into high quality educational, technical, and engineering activities that influence the design, use, and management of storage technologies to better protect and secure information. Our goal is to increase the overall knowledge and availability of robust security solutions in today's storage ecosystems and to provide data and information security expertise to contribute to a better understanding of information assurance and how it applies in the organization. More information is at www.snia.org/ssif.
For more information, please access the following documents:
Storage Application Note: Encrypting Drives Compliant with Opal SSC
This document provides examples of the communication between a host and a storage device implementing the TCG Storage Security Subsystem Class: Opal SSC and the TCG Storage Architecture Core Specification.
Storage Work Group Storage Security Subsystem Class: Opal
The Storage Workgroup specifications provide a comprehensive architecture for putting Storage Devices under policy control as determined by the trusted platform host, the capabilities of the Storage Device to conform with the policies of the trusted platform, and the life cycle state of the Storage Device as a Trusted Peripheral.
TCG Storage Specifications and Key Management
"Key management is the hardest part of cryptography and often the Achilles' heel of an otherwise secure system." – Bruce Schneier, Preface to Applied Cryptography, Second Edition.
"Evil Maid" Attacks on Encrypted Hard Drives
"The real defense here is trusted boot, something Trusted Computing is supposed to enable...BitLocker...can prevent these sorts of attacks if the computer has a TPM module, version 1.2 or later, on the motherboard."
Five Great Reasons to Adopt Trusted Computing
Trusted Computing is perhaps one of the most misunderstood (willfully misunderstood, to be frank about it) emergent technologies for computer security.