Storage security


Storage security is a specialty area of security that is concerned with securing data storage systems and ecosystems and the data that resides on these systems.


Introduction

According to the Storage Networking Industry Association (SNIA), storage security represents the convergence of the storage, networking, and security disciplines, technologies, and methodologies for the purpose of protecting and securing digital assets. [1] Historically, the focus has been on both the vendor aspects of making storage products more secure and the consumer aspects of using storage products in secure ways.

The SNIA Dictionary defines storage security as:
Technical controls, which may include integrity, confidentiality and availability controls, that protect storage resources and data from unauthorized users and uses.
ISO/IEC 27040 provides the following more comprehensive definition for storage security:
application of physical, technical and administrative controls to protect storage systems and infrastructure as well as the data stored within them
Note 1 to entry: Storage security is focused on protecting data (and its storage infrastructure) against unauthorized disclosure, modification or destruction while assuring its availability to authorized users.
Note 2 to entry: These controls may be preventive, detective, corrective, deterrent, recovery or compensatory in nature.

Principles of Security Storage

Relevant standards and specifications

Applying security to storage systems and ecosystems requires one to have a good working knowledge of an assortment of standards and specifications, including, but not limited to:

Related Research Articles

Triple DES (block cipher)

In cryptography, Triple DES, officially the Triple Data Encryption Algorithm (TDEA), is a symmetric-key block cipher that applies the DES cipher algorithm three times to each 64-bit data block. The Data Encryption Standard's (DES) 56-bit key is no longer considered adequate against modern cryptanalytic techniques and computing power, and DES itself was withdrawn as a US federal standard in 2005. CVE-2016-2183, disclosed in 2016 (the Sweet32 attack), showed that any cipher with a 64-bit block, DES and 3DES included, is exposed to a birthday attack once roughly 2^32 blocks (about 32 GB) have been encrypted under one key, a volume that bulk storage encryption reaches easily. This, combined with the inadequate key size, led NIST to deprecate 3DES for new applications in 2017 and to disallow it for all applications after the end of 2023. It has been replaced by the stronger AES, whose 128-bit block pushes the same birthday bound out to about 2^64 blocks.

Fibre Channel (FC) is a high-speed data transfer protocol providing in-order, lossless delivery of raw block data. Fibre Channel is primarily used to connect computer data storage to servers in storage area networks (SAN) in commercial data centers.

In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.

In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.

Storage Networking Industry Association (trade association formed to develop standards for storage area networks)

The Storage Networking Industry Association (SNIA) is a registered 501(c)(6) non-profit trade association incorporated in December 1997. SNIA has more than 185 unique members, 2,000 active contributing members and over 50,000 IT end users and storage professionals. The SNIA absorbed the Small Form Factor Committee.

The InterNational Committee for Information Technology Standards (INCITS) is an ANSI-accredited standards development organization composed of information technology developers. It was formerly known as X3 and later NCITS.

The Storage Management Initiative Specification, commonly called SMI-S, is a computer data storage management standard developed and maintained by the Storage Networking Industry Association (SNIA). It has also been ratified as an ISO standard. SMI-S is based upon the Common Information Model and the Web-Based Enterprise Management standards defined by the Distributed Management Task Force, which define management functionality via HTTP. The most recent approved version of SMI-S is available on the SNIA website.

Offset codebook mode (OCB) is an authenticated encryption mode of operation for cryptographic block ciphers. OCB mode was designed by Phillip Rogaway, who credits Mihir Bellare, John Black, and Ted Krovetz with assistance and comments on the designs. It is based on the integrity-aware parallelizable mode (IAPM) of authenticated encryption by Charanjit S. Jutla. The OCB2 version was proven insecure, while the original OCB1 as well as OCB3 from 2011 are still considered secure.

CCM (Counter with CBC-MAC) mode is a mode of operation for cryptographic block ciphers. It is an authenticated encryption algorithm designed to provide both authentication and confidentiality, combining counter-mode encryption with a CBC-MAC over the data. CCM mode is only defined for block ciphers with a block length of 128 bits.

Authenticated encryption (AE) is an encryption scheme that simultaneously assures data confidentiality and authenticity. Examples of block cipher modes that provide AE are GCM and CCM. Because an AE mode appends an authentication tag, the ciphertext is larger than the plaintext; this matters for storage, where sector-level encryption that must fit in place (for example XTS-AES, IEEE 1619) provides confidentiality only, and any integrity protection has to be stored separately.

Information security standards or cyber security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

In cryptography, Galois/Counter Mode (GCM) is a mode of operation for symmetric-key cryptographic block ciphers which is widely adopted for its performance. GCM throughput rates for state-of-the-art, high-speed communication channels can be achieved with inexpensive hardware resources. Its security depends on never reusing a nonce under the same key: a repeated nonce leaks the XOR of the two plaintexts and can expose the authentication subkey, so each 96-bit nonce must be unique per key, and the number of messages encrypted under one key must be bounded when nonces are chosen at random.
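The mode-of-operation, CCM, authenticated-encryption and GCM paragraphs above describe the property in words; the following Go program is an added example (not code from this page, from SNIA or from ISO) that shows it on a storage-shaped input using only the Go standard library. It seals one logical block under AES-256-GCM with a fresh random nonce per write and binds the block's address in as associated data, so that a ciphertext that is bit-flipped, or copied intact to a different address, fails authentication on read. The function names SealBlock, OpenBlock and Demo, the nonce||ciphertext||tag layout and the sample block contents are all constructed for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// SealBlock encrypts the contents of one logical storage block with
// AES-256-GCM. A fresh random 96-bit nonce is drawn per call and
// prepended to the output; the block address is bound in as associated
// data (authenticated but not encrypted), so a ciphertext copied from
// one address to another fails authentication on read.
func SealBlock(key []byte, blockAddr uint64, plaintext []byte) ([]byte, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	aad := make([]byte, 8)
	binary.BigEndian.PutUint64(aad, blockAddr)
	// Seal appends ciphertext||tag to the nonce slice, giving nonce||ct||tag.
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// OpenBlock reverses SealBlock. Any change to the nonce, the ciphertext
// or the 16-byte tag, or a mismatch in the block address, makes Open
// return an error before a single plaintext byte is released.
func OpenBlock(key []byte, blockAddr uint64, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("sealed block too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	aad := make([]byte, 8)
	binary.BigEndian.PutUint64(aad, blockAddr)
	return gcm.Open(nil, nonce, ct, aad)
}

// Demo seals a constructed sample block, then reports whether an honest
// read succeeds and whether a bit flip and a block relocation are detected.
func Demo() (readOK, tamperDetected, relocationDetected bool) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return false, false, false
	}
	const addr = 4096 // constructed logical block address
	sample := []byte("constructed sample block contents")
	sealed, err := SealBlock(key, addr, sample)
	if err != nil {
		return false, false, false
	}
	pt, err := OpenBlock(key, addr, sealed)
	readOK = err == nil && string(pt) == string(sample)

	tampered := append([]byte(nil), sealed...)
	tampered[len(tampered)/2] ^= 0x01 // flip one bit inside the ciphertext
	_, err = OpenBlock(key, addr, tampered)
	tamperDetected = err != nil

	_, err = OpenBlock(key, addr+1, sealed) // identical bytes, wrong address
	relocationDetected = err != nil
	return
}

func main() {
	readOK, tamperDetected, relocationDetected := Demo()
	fmt.Printf("read ok: %v, tamper detected: %v, relocation detected: %v\n",
		readOK, tamperDetected, relocationDetected)
}
```

The random per-write nonce keeps the example simple, but it is exactly the case the nonce caveat above applies to: with 96-bit random nonces the number of writes under one key has to be capped well below 2^32, or a deterministic, never-repeating nonce (for example a per-key write counter) used instead.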

In cryptography, key wrap constructions are a class of symmetric encryption algorithms designed to encapsulate (encrypt) cryptographic key material. The key wrap algorithms are intended for applications such as protecting keys while in untrusted storage or transmitting keys over untrusted communications networks. The constructions are typically built from standard primitives such as block ciphers and cryptographic hash functions. The best-known example is the AES Key Wrap of RFC 3394 (also specified in NIST SP 800-38F), used for instance to protect a data encryption key under a key-encryption key so that the wrapped key can be stored alongside the data it protects.
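As an added example for the key wrap paragraph above (it is not code from this page, from the RFC or from any library), the Go program below writes out the RFC 3394 AES Key Wrap and its unwrap directly on top of the standard library's crypto/aes, since Go's standard library ships no key-wrap function. It wraps a constructed 128-bit data encryption key under a 128-bit key-encryption key, checks the result against the published RFC 3394 section 4.1 test vector, and shows that a modified blob or a wrong KEK is rejected by the built-in integrity check rather than yielding garbage key material. The function names WrapKey and UnwrapKey are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/subtle"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// rfc3394IV is the fixed integrity check value A6A6A6A6A6A6A6A6 that the
// wrap algorithm starts from and that a correct unwrap must recover.
var rfc3394IV = [8]byte{0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6}

// WrapKey wraps keyData (a multiple of 8 bytes, at least 16) under the
// key-encryption key kek using the RFC 3394 AES Key Wrap. Six passes of
// the AES block function chain every 64-bit register through the running
// value A, so every output bit depends on every input bit, and the step
// counter t is folded into A so registers cannot be reordered unnoticed.
func WrapKey(kek, keyData []byte) ([]byte, error) {
	if len(keyData) < 16 || len(keyData)%8 != 0 {
		return nil, errors.New("key data must be a multiple of 8 bytes and at least 16 bytes")
	}
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(keyData) / 8
	a := rfc3394IV
	r := make([]byte, len(keyData))
	copy(r, keyData)
	var b [16]byte
	for j := 0; j <= 5; j++ {
		for i := 1; i <= n; i++ {
			copy(b[:8], a[:])              // B = AES(K, A | R[i])
			copy(b[8:], r[(i-1)*8:i*8])
			block.Encrypt(b[:], b[:])
			t := uint64(n*j + i)           // A = MSB(64, B) XOR t
			binary.BigEndian.PutUint64(a[:], binary.BigEndian.Uint64(b[:8])^t)
			copy(r[(i-1)*8:i*8], b[8:])   // R[i] = LSB(64, B)
		}
	}
	out := make([]byte, 0, 8+len(r))
	out = append(out, a[:]...)
	return append(out, r...), nil
}

// UnwrapKey reverses WrapKey and returns an error, not key bytes, unless
// the recovered integrity check value equals rfc3394IV.
func UnwrapKey(kek, wrapped []byte) ([]byte, error) {
	if len(wrapped) < 24 || len(wrapped)%8 != 0 {
		return nil, errors.New("wrapped blob must be a multiple of 8 bytes and at least 24 bytes")
	}
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(wrapped)/8 - 1
	var a [8]byte
	copy(a[:], wrapped[:8])
	r := make([]byte, len(wrapped)-8)
	copy(r, wrapped[8:])
	var b [16]byte
	for j := 5; j >= 0; j-- {
		for i := n; i >= 1; i-- {
			t := uint64(n*j + i)           // B = AES^-1(K, (A XOR t) | R[i])
			binary.BigEndian.PutUint64(b[:8], binary.BigEndian.Uint64(a[:])^t)
			copy(b[8:], r[(i-1)*8:i*8])
			block.Decrypt(b[:], b[:])
			copy(a[:], b[:8])             // A = MSB(64, B)
			copy(r[(i-1)*8:i*8], b[8:])   // R[i] = LSB(64, B)
		}
	}
	if subtle.ConstantTimeCompare(a[:], rfc3394IV[:]) != 1 {
		return nil, errors.New("integrity check failed: wrong KEK or modified blob")
	}
	return r, nil
}

func main() {
	// KEK and key data from RFC 3394 section 4.1 (published test vector).
	kek, _ := hex.DecodeString("000102030405060708090A0B0C0D0E0F")
	dek, _ := hex.DecodeString("00112233445566778899AABBCCDDEEFF")
	wrapped, err := WrapKey(kek, dek)
	if err != nil {
		panic(err)
	}
	fmt.Printf("wrapped DEK: %X\n", wrapped)
	wrapped[12] ^= 0x01 // corrupt one byte of the stored blob
	_, err = UnwrapKey(kek, wrapped)
	fmt.Println("unwrap of corrupted blob:", err)
}
```

The 64-bit check value gives the unwrap a built-in integrity test, which is why a wrapped key can be stored next to the data it protects without a separate MAC; it is not, however, a substitute for authenticated encryption of the data itself.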

The ISO/IEC 27000-series comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

ISO/IEC JTC 1, entitled "Information technology", is a joint technical committee (JTC) of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its purpose is to develop, maintain and promote standards in the fields of information and communications technology (ICT).


ISO/IEC 27040 is part of a growing family of International Standards published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in the area of security techniques; the standard is developed by Subcommittee 27 (SC27), IT Security techniques, of ISO/IEC Joint Technical Committee 1 (JTC 1). A major element of SC27's program of work includes International Standards for information security management systems (ISMS), often referred to as the 'ISO/IEC 27000-series'.

The SNIA Emerald Program Power Efficiency Measurement Specification, is a storage specification developed and maintained by the Storage Networking Industry Association (SNIA) and cross-referenced by the Environmental Protection Agency’s EnergyStar program. The specification consists of a storage types taxonomy, system under test workload and energy measurement method, measured metrics for active and idle operational states, and presence tests for capacity optimization technologies. The measured metric data is generated through the use of well-defined standard testing and data reduction procedures prescribed in the SNIA Emerald Specification.

References

  1. Eric A. Hibbard; Richard Austin. "Storage Security Professional's Guide to Skills and Knowledge" (PDF). www.snia.org/ssif. SNIA. Retrieved 18 August 2014.
  2. "What Is Security Storage and How to Protect Your Data Storage". MiniTool. 2021-08-07. Retrieved 2022-09-18.
  3. "What Is Security Storage and How to Protect Your Data Storage". MiniTool. 2021-08-07. Retrieved 2022-09-18.
  4. "What Is Security Storage and How to Protect Your Data Storage". MiniTool. 2021-08-07. Retrieved 2022-09-18.