There have been many recent cases of information getting into unauthorized hands from lost or stolen laptops or from insiders accessing unattended enterprise computers or storage devices. Providing physical protection and using remote locations are two means of keeping stored data confidential. The least expensive secure-storage systems use local data encryption with optional data authentication, together with access control and physical tamper detection. The IEEE P1619 Security in Storage Working Group is developing standard architectures for external encryption modules and tape drives. However, there's no standard yet for hard disks that specifies how developers can adapt the data layout to security needs and provide access control to the encrypted data. That means an attacker can only see the ciphertext after disassembling the drive and examining the magnetic platters with multimillion-dollar equipment. And because of the attacks' destructive nature, if the disk drive is returned, the owner will notice the disk was tampered with and won't trust the stored information. This effectively renders all kinds of data-modification attacks harmless.