Hardware-based full disk encryption

Hardware-based full disk encryption

Hardware-based Full Disk Encryption is being pursued by a number of HDD vendors including Intel, Seagate Technology, and Hitachi, Ltd. with the rest of the hard drive industry following. Encryption and the symmetric encryption key is maintained independently from the CPU, thus removing computer memory as a potential attack vector. There are current two varieties of hardware-FDE being discussed:

#Hard Disk Drive FDE
#Chipset FDE

Hard Disk Drive FDE

HDD FDE is being pushed by HDD vendors and a standard is being pursued for greater adoption via the Trusted Computing Group [ [https://www.trustedcomputinggroup.org/ Trusted Computing Group: Home ] ] . Key management takes place within the HDD and encryption keys are protected by the drive firmware. However, some level of authentication must still take place within the CPU via either a software Pre-Boot Authentication [ [http://secude.com/htm/707/en/Pre-Boot_Authentication.htm SECUDE IT Security - Pre-Boot Authentication ] ] Environment or with a BIOS password.

Currently there are three software solutions for Pre-Boot Authentication available from Secude [ [http://secude.com/ SECUDE IT Security - Homepage ] ] ,SafeNet and Wave Systems.

Chipset FDE

Intel has announced the release of the Danbury chipset [http://www.theregister.co.uk/2007/09/21/intel_vpro_danbury/] series which promises full disk encryption and a Trusted Platform Module (TPM) in the south bridge. However, as the chipset is not yet released and will not be broadly available until 2009, extensive research is not yet available.

ee also

*Disk encryption hardware
*Disk encryption software

References


Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • Full disk encryption — (or whole disk encryption) is a kind of disk encryption software or hardware which encrypts every bit of data that goes on a disk or disk volume. The term full disk encryption is often used to signify that everything on a disk, including the… …   Wikipedia

  • Disk encryption — uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage. The term full disk encryption (or whole disk encryption) is often used to… …   Wikipedia

  • Disk encryption hardware — To protect confidentiality of the data stored on a computer disk a computer security technique called disk encryption is used. This article discusses hardware which is used to implement the technique (for cryptographic aspects of the problem see… …   Wikipedia

  • Disk encryption theory — Disk encryption is a special case of data at rest protection when the storage media is a sector addressable device (e.g., a hard disk). This article presents cryptographic aspects of the problem. For discussion of different software packages and… …   Wikipedia

  • Comparison of disk encryption software — This is a technical feature comparison of different disk encryption software. Contents 1 Background information 2 Operating systems 3 Features 4 Layering …   Wikipedia

  • BitLocker Drive Encryption — infobox software caption = developer = Microsoft latest release version = 1.0 latest release date = January 30, 2007 programming language = C, C++, AssemblerFact|date=June 2008 operating system = Windows Vista, Windows Server 2008 language =… …   Wikipedia

  • Advanced Encryption Standard — Infobox block cipher name = AES caption = The SubBytes step, one of four stages in a round of AES designers = Vincent Rijmen, Joan Daemen publish date = 1998 derived from = Square derived to = Anubis, Grand Cru related to = certification = AES… …   Wikipedia

  • Lenovo Group — Infobox Company company name = Lenovo Group Limited 联想集团有限公司 company type = Privately owned company (Red chip) company company slogan = foundation = 1984 location = flagicon|China Beijing, China flagicon|USA Morrisville, North Carolina, USA… …   Wikipedia

  • Pre-boot authentication — (PBA) serves as an extension of the BIOS or boot firmware and guarantees a secure, tamper proof environment external to the operating system as a trusted authentication layer. The PBA prevents anything being read from the hard disk such as the… …   Wikipedia

  • History of computing hardware — Computing hardware is a platform for information processing (block diagram) The history of computing hardware is the record of the ongoing effort to make computer hardware faster, cheaper, and capable of storing more data. Computing hardware… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”