当前位置:首页 > 报告详情

存储安全净化演变.pdf

上传人: a****d 编号:184997 2024-10-07 16页 309.16KB

1、1|2024 SNIA.All Rights Reserved.Storage Sanitization Recent EvolutionPresented by Paul SuhlerPrincipal Engineer,SSD Standards,KIOXIAChair,IEEE Security in Storage Working Group2|2024 SNIA.All Rights Reserved.AbstractThe need to eradicate recorded data on storage devices and media is well understood,

2、but the technologies and methodologies to do it correctly can be elusive.New standards are being developed that build upon the ISO/IEC 27040(Storage security)and IEEE 2883-2022(Standard for Storage Sanitization)international standards.These provide more clarity for organizations as well as enhanced

3、expectations of what is meant by reasonable security.Standards organizations are improving the coordination of their work,which will provide a more coherent set of standards.This session describes the framework of standards and highlights new capabilities and ongoing developments.3|2024 SNIA.All Rig

4、hts Reserved.Learning objectivesUnderstand new developments in data sanitization and related standards,which standards are of use to the listeners organization,and which standards bodies are addressing different aspects of sanitization.4|2024 SNIA.All Rights Reserved.OutlineVocabularyNew capabilitie

5、sWork in progressThe standards environmentSummaryCall to action5|2024 SNIA.All Rights Reserved.Sanitization vocabulary Sanitization methods(from IEEE 2883-2022):Clear:User data cannot be read from the device.Purge:User data cannot be recovered from media even if the device is disassembled and the me

6、dia read at a low level.Destruct:Device is destroyed and data cannot be recovered from the remains of the media.Purge:All user data in the storage device is eradicated:Including caches,controller memory buffer,persistent memory region,etc.Techniques:cryptographic erase,block erase,or overwriting.Dev

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
本文主要讨论了数据存储安全中的数据清除(Sanitization)标准的新发展。由IEEE Security in Storage Working Group和ISO/IEC 27040等国际标准提供支持,新标准为组织提供了更清晰的指导,并设定了更高的安全期望。文章概述了标准框架,并强调了新的功能和正在进行的发展,包括:数据清除方法,如Clear(清除)、Purge(净化)和Destruct(破坏);加密方法的改进,如Overwrite(覆盖)、Block Erase(块擦除)和Cryptographic Erase(加密擦除);以及新的功能,如Key Per I/O(每个I/O操作的密钥),它允许对存储设备进行更细粒度的加密。文章还提到了验证清除效果的新标准,如NVM Express TP4152 Post-Sanitize Media Verification,以及正在进行的工作,如IEEE P2883.1和P2883.2,这些都将提供关于如何在虚拟化和云存储系统中实施清除的指导。最后,文章呼吁组织理解自身需求并相应地进行数据清除,同时鼓励参与定义清除方面的标准组织,如NVM Express、INCITS SCSI和IEEE Security in Storage Working Group。
"数据清除新标准有何亮点?" "如何确保存储设备彻底清除数据?" "参与存储安全标准制定的好处是什么?"
客服
商务合作
小程序
服务号
折叠