Implementing Stored Data Encryption – Learn the Latest at SNIA Education Day at Storage Visions Conference

by Marty Foltyn

SNIA on Storage continues its preview of SNIA Tutorials at the Storage Visions Conference, a partner program of CES held on January 3-5, 2016 at the Luxor Hotel in Las Vegas. “SNIA Education Day” is held on the afternoon of the pre-conference day at Storage Visions – January 3, 2016 – and is designed to give attendees the opportunity to learn about important storage topics in depth with leading industry speakers.

Five tutorials will be presented on the SNIA Education Day. In the December 17th SNIA on Storage blog, we featured the tutorial which examines the conflict between privacy and data protection as illustrated in the European Union, but really applicable worldwide. In the December 18 blog, we previewed the Practical Online Cache Analysis and Optimization tutorial. In the December 21 blog, we examined Massively Scalable File Storage – the Key to the Internet of Things. And in the December 22 blog, a tutorial in a new research area – Fog Computing – was explained.

Today we preview the final tutorial of the SNIA Education Day – Implementing Stored-Data Encryption, presented by Dr. Michael Willett of Bright Plaza.

Data security is top of mind for most businesses trying to respond to the constant barrage of news highlighting data theft, security breaches, and the resulting punitive costs. Combined with litigation risks, compliance issues and pending legislation, companies face a myriad of technologies and products that all claim to protect data-at-rest on storage devices. This SNIA Tutorial will answer the question “What is the right approach to encrypting stored data?”

The Trusted Computing Group, with the active participation of the drive industry, has standardized the technology for self-encrypting drives (SEDs): the encryption is implemented directly in the drive hardware and electronics. Mature SED products are now available from all the major drive companies, both HDD (rotating media) and SSD (solid state), for both laptops and the data center. SEDs provide a low-cost, transparent, performance-optimized solution for stored-data encryption, but SEDs do not protect data in transit, upstream of the storage system.

For overall data protection, a layered encryption approach is advised. Sensitive data (e.g., as identified by specific regulations: HIPAA, PCI DSS) may require encryption outside and upstream from storage, such as in selected applications or associated with database manipulations. This tutorial will examine a ‘pyramid’ approach to encryption: selected, sensitive data encrypted at the higher logical levels, with full data encryption for all stored data provided by SEDs.

SNIA Tutorial presenter Dr. Michael Willett serves as a consultant on the marketing of storage-based security and is currently working with the Bright Plaza executive team to promote the Drive Trust Alliance, whose mission is to promote adoption of SEDs in the marketplace. Dr. Willett received a Bachelor of Science degree from the US Air Force Academy (Top Secret clearance) and a Master's and PhD in mathematics from NC State University. After a career as a university professor of mathematics and computer science, Dr. Willett joined IBM as a design architect, moving into IBM’s Cryptography Competency Center. Later, Dr. Willett joined Fiderus, a security and privacy consulting practice, subsequently accepting a position with Wave Systems. Recently, Dr. Willett was a Senior Director at Seagate Research, focusing on security functionality on hard drives, including self-encryption, related standardization, product rollout, patent development, and partner liaison. Dr. Willett also chaired the OASIS Privacy Management Reference Model Technical Committee (PMRM TC), which has developed an operational reference model for implementing privacy requirements. Most recently, Dr. Willett worked with Samsung as a storage security strategist, helping to define their self-encryption strategy across Samsung’s portfolio of storage products.

SNIA is a proud sponsor of the Storage Visions Conference, a partner program of the Consumer Electronics Show (CES).  Storage Visions, held in Las Vegas right before CES on January 3-5, 2016, is the place to explore the latest information on the rapidly evolving technology of digital storage and how it impacts consumer electronics, the internet of things, and storage in the cloud. If you have not registered for Storage Visions, head over to http://www.storagevisions.com for the conference preview.  Take $100 off your registration with the link:  https://sv2016.eventbrite.com/?discount=onehundredoff_67349921

Security is Strategic to Storage Developers – and a Prime Focus at SDC and SNIA Data Storage Security Summit

Posted by Marty Foltyn

Security is critical in the storage development process – and a prime focus of sessions at the SNIA Storage Developer Conference AND the co-located SNIA Data Storage Security Summit on Thursday September 24. Admission to the Summit is complimentary – register here at http://www.snia.org/dss-summit.

The Summit agenda is packed with luminaries in the field of storage security, including keynotes from Eric Hibbard (SNIA Security Technical Work Group and Hitachi), Robert Thibadeau (Bright Plaza), Tony Cox (SNIA Storage Security Industry Forum and OASIS KMIP Technical Committee), Suzanne Widup (Verizon), Justin Corlett (Cryptsoft), and Steven Teppler (TimeCertain); and afternoon breakouts from Radia Perlman (EMC); Liz Townsend (Townsend Security); Bob Guimarin (Fornetix); and David Siles (Data Gravity). Roundtables will discuss current issues and future trends in storage security. Don’t miss this exciting event!

SDC’s “Security” sessions highlight security issues and strategies for mobile, cloud, user identity, attack prevention, key management, and encryption. Preview sessions here, and click on the title to find more details.

Geoff Gentry, Regional Director, Independent Security Evaluators Hackers, will present Attack Anatomy and Security Trends, offering practical experience from implementing the OASIS Key Management Interoperability Protocol (KMIP) and from deploying and interoperability testing multiple vendor implementations of KMIP.

David Slik, Technical Director, Object Storage, NetApp will discuss Mobile and Secure: Cloud Encrypted Objects Using CDMI, introducing the Cloud Encrypted Object Extension to the CDMI standard, which permits encrypted objects to be stored, retrieved, and transferred between clouds.

Dean Hildebrand, IBM Master Inventor and Manager | Cloud Storage Software, and Sasikanth Eda, Software Engineer, IBM, will present OpenStack Swift On File: User Identity For Cross Protocol Access Demystified. This session will detail the various issues and nuances associated with having common ID management across Swift object access and file access, and present an approach to solve them without changes in core Swift code by leveraging the powerful Swift middleware framework.

Tim Hudson, CTO and Technical Director, Cryptsoft, will discuss Multi-Vendor Key Management with KMIP, offering practical experience from implementing the OASIS Key Management Interoperability Protocol (KMIP) and from deploying and interoperability testing multiple vendor implementations of KMIP.

Nathaniel McCallum, Senior Software Engineer, Red Hat, will present Network Bound Encryption for Data-at-Rest Protection, describing Petera, an open source project which implements a new technique for binding encryption keys to a network.

Finally, check out previous SNIA on Storage blog entries on File Systems, Cloud, Management, New Thinking, and Disruptive Technologies. See the agenda and register now for SDC at http://www.storagedeveloper.org.