Opal Storage Specification

The Opal Storage Specification is a set of specifications for features of data storage devices (such as hard disk drives and solid state drives) that enhance their security. For example, it defines a way of encrypting the stored data so that an unauthorized person who gains possession of the device cannot see the data. That is, it is a specification for self-encrypting drives (SED).

The specification is published by the Trusted Computing Group Storage Workgroup.

Overview

The Opal SSC (Security Subsystem Class) is an implementation profile for Storage Devices built to:

Functions

The Opal SSC encompasses these functions:

Features

Security

Radboud University researchers indicated in November 2018 that some hardware-encrypted SSDs, including some Opal implementations, had security vulnerabilities. [2]

Implementers of SSC

Device companies

Storage controller companies

Software companies

Computer OEMs

References

  1. TCG Storage Security Subsystem Class: Opal Specification Version 2.01 Revision 1.00. Trusted Computing Group, Incorporated. 05 August 2015. Retrieved 2019-11-22.
  2. Meijer, Carlo; van Gastel, Bernard (19–23 May 2019). Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives. 2019 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA: IEEE. pp. 72–87. doi:10.1109/SP.2019.00088. hdl:2066/207837. ISBN 978-1-5386-6660-9. ISSN 2375-1207.
  3. "Intel® SSD Pro 1500 Series (M.2): Specs". Intel.com. Retrieved 2017-05-03.
  4. "Solid State Hard Drives for Business". Kingston.com. 2017-03-05. Retrieved 2017-05-03.
  5. Clain Anderson (2011-02-16). "Opal – More than a Semi-Precious Stone | Lenovo". Blog.lenovo.com. Retrieved 2017-05-03.
  6. "Micron Technology, Inc. - Full SSD Part Catalog". Micron.com. Retrieved 2017-05-03.
  7. "Samsung V-NAND SSD". Samsung.com. Retrieved 2017-05-03.
  8. "SanDisk's X300s Solid State Drive". Archived from the original on 2014-08-03. Retrieved 2014-08-02.
  9. "News". Seagate. Retrieved 2017-05-03.
  10. "Full Disk Encryption Software, Hard Drives, SSDs & Whole Disk". WinMagic. Retrieved 2017-05-03.
  11. "Fujitsu Develops HDD Security Technology based on Opal SSC Standards - Fujitsu Global". Fujitsu.com. Retrieved 2017-05-03.
  12. "Specialty | TOSHIBA Storage & Electronic Devices Solutions Company | Americas". Storage.toshiba.com. Retrieved 2017-05-03.
  13. "Specialty | TOSHIBA Storage & Electronic Devices Solutions Company | Americas". Storage.toshiba.com. Retrieved 2017-05-03.
  14. "Marvell Technology Group Ltd". Marvell.com. Retrieved 2017-05-03.
  15. "Marvell, Kingston Collaboration Proves Positive with Over Six Million SSD Units Shipped". Kingston Technology. Retrieved 30 December 2021.
  16. "SandForce Flash Storage Processor SSD Controllers". Archived from the original on 2013-08-08. Retrieved 2013-08-01.
  17. "Self-Healing Endpoint Security". Absolute. Retrieved 2017-05-03.
  18. "Industry-Leading Cyber Security Keeps Networks, Data Centers, Mobile Devices & Endpoints One Step Ahead | Check Point Software". Checkpoint.com. Retrieved 2017-05-03.
  19. "Data Security | Dell United States". Dell.com. 2017-04-26. Retrieved 2017-05-03.
  20. "CryptoMill :: Products & services". Archived from the original on 2012-02-09. Retrieved 2012-01-14.
  21. "McAfee Corporate KB - KB75045". Kc.mcafee.com. Retrieved 2017-05-03.
  22. "FinallySecure™ Enterprise - SECUDE AG". Archived from the original on 2012-01-26. Retrieved 2012-01-14.
  23. "Comprehensive Data Encryption and Protection Solutions - SecureDrive". Softexinc.com. 2014-06-20. Retrieved 2017-05-03.
  24. "Full Disk Encryption | Always-On, Multi-Platform Enterprise Encryption Synchronizes Devices, Hard Drives, Removable Media, BitLocker, and Cloud Storage Protection in Real-Time". Sophos.com. Retrieved 2017-05-03.
  25. "Endpoint Encryption Powered by PGP Technology". Symantec.com. Retrieved 2017-05-03.
  26. "Archived copy". Archived from the original on 2017-09-25. Retrieved 2016-02-03.
  27. "Data Protection – Endpoint and Gateway Suites | Trend Micro". Us.trendmicro.com. Retrieved 2017-05-03.
  28. "Full Disk Encryption Software, Hard Drives, SSDs & Whole Disk". WinMagic. Retrieved 2017-05-03.
  29. "Software management of TCG self-encrypting drives". Fidelity Height LLC.
  30. "Dell Official Site | Dell United States". Dell.com. 2017-04-26. Retrieved 2017-05-03.
  31. "Laptop Computers, Desktops, Printers and more | HP® Official Site". Hp.com. Retrieved 2017-05-03.
  32. Archived 2008-08-28 at the Wayback Machine
  33. "Fujitsu News Updates - Fujitsu UK". Fujitsu.com. Retrieved 2017-05-03.
  34. "Panasonic Toughpad | Rugged Tablet | Toughpad". Panasonic.com. 2015-10-27. Retrieved 2017-05-03.
  35. "Rugged Notebooks, Tablets, Handhelds and Laptops from". Getac.com. Retrieved 2017-05-03.