+1 613 254 5456
adjust font size Increase Font Size Reset Font Size Decrease Font Size
ホーム アプリケーション Disk & Tape Storage

Disk & Tape Storage

Storage security has become the most important issue for IT managers due to the loss of smartphones, laptops, data being recovered from surplus computer disk drives and even tapes being misplaced by otherwise reputable companies offering off-site storage services. It is now clear that the industry must respond with a comprehensive security standard for data at rest and Elliptic has developed highly-integrated solutions which span all aspects of storage security.

The IEEE has ratified the disk security standard - 1619-2007. The security model works for RAID arrays where a disk might be physically removed by an insider intent upon accessing sensitive corporate information and applies equally well to single SATA or EIDE drives. The standard is based on the XTS-AES (and in some contributions as the AES-XTS) algorithm. It has also been ratified by NIST for inclusion as an approved mode under FIPS 140-2 which would permit it to be used in government applications.

The IEEE Std 1619.1-2007 - Standard Architecture for Encrypted Shared Storage Media, is also ratified and is targeted at encrypting information stored on tape for back-up purposes. It specifies the implementation of either AES-GCM or AES-CCM as the symmetric encryption cipher for this standard. Elliptic offers a variety of solutions for these algorithms ranging in performance from 100 Mbps up to 40+ Gbps depending on the class of tape drive being targeted.

Storage applications must have sophisticated key management designs. This in turn will frequently leverage encrypted key blobs which can be stored in memory such as RAM caches, Flash or on tape and disk. To facilitate the secure storage of key blobs, NIST and the IETF have developed an algorithm for key wrapping that uses the advanced encryption standard. Elliptic's IP portfolio includes AES key wrap (encryption) and key unwrap (decryption) solutions.

Elliptic also offers Ellipsys Cryptography Middleware in support of storage applications, including key management and the recently ratified IEEE Std 1619.2-2010 standard for wide-block encryption and block storage devices. The middleware is split into the symmetric algorithms such as AES and SHA and the asymmetric RSA and ECC algorithms used in authentication and key exchange. The middleware is licensed as C source code.

 

注目の製品

TEE(Trusted Execution Environments)内で堅固な安全性を実現し、確実に許可されたアプリケーションでのみ保存、処理、アクセスされるように重要情報の保護を強化する実績あるHDCPベースのコンテンツ保護ソリューションです。このソリューションは、信頼性が高く安全性が保証されたOS環境に安全性を重視するコンポーネンツが組み込まれたARM TrustZone™のようなフレームワーク内に、シームレスに統合されます。安全性の重要度が高くないコンポーネンツに関しては、AndroidのようなリッチOSで実行されます。
高度にプログラム可能な独自のSecurity Protocol Acceleratorは、特に超大容量ワイヤレス、ネットワーク・アプリケーション向けに開発されました。このエンジンは、4G LTE-最先端ワイヤレスセルラー・ベースのソリューションやフェムトセルのような異なるコンテキストで複数のアクティブ接続や非常に高いトラフィック負荷を扱うアプリケーションに最適です。