Trusted Computing Standard Coming To The SAN--And The Sneakernet

Trusted Computing chips are already built into most new business PCs. At this week’s RSA Security show, the Trusted Computing Group unveiled a draft specification that will add a simplified version of the chip to storage devices, too. Intended mainly for hard disks and USB flash drives, it can be used for both and portable and networked storage.

Seagate Technology last year launched a laptop drive that automatically encrypted all data at wire speed. At the show, the company announced that this was based on the draft specification, which allows encryption keys to be transferred between drives and the Trusted Platform Module (TPM) chips in PCs.

No other companies have yet announced products compliant with the new trusted storage spec, but that's the promise from the Trusted Computing Group. “There’s a lot more to follow,” says Michael Willett, Seagate’s Director of Research. “Everyone in the storage industry is involved in this.” The group's membership roster includes more than 120 companies, of which 39 are participating in the storage effort.

The spec is still at a draft stage, and so far Seagate only makes one drive with full-disk encryption: the Momentus 400, available in capacities from 40 to 120 GB. But the company has big plans. “It will be everywhere,” says Willett. “We have this on our roadmap for our complete product range.”

The TPM can already encrypt data stored on a PC’s local hard disk, using software provided by the PC manufacturer or third parties such as Wave Systems. Microsoft has also said that this capability will be built into Windows Vista when running on a TPM-equipped PC, through a feature called Secure Startup. However, a standalone TPM limits the data to a single PC: the encryption key is stored on that PC’s security chip, so the encrypted drive is useless if removed.The new trusted storage spec is more flexible, allowing data to be accessed from multiple PCs. It works by putting the encryption key on the storage device itself, but only decrypting data for PCs that can prove their identity using their TPMs. For example, a USB drive could be set to carry data between a person’s home and office machines, but not function when plugged into any other PC.

The spec is also aimed at storage networks, though this will require servers with TPMs. Those are relatively rare, because the main function of the TPM so far has been to encrypt data in case of loss or theft. Around 1 in 10 laptops are ultimately stolen, while servers sit safely inside locked datacenters, so laptops were a priority.

Still, full-drive encryption does have benefits on servers, even those that aren’t connected to storage networks. The most important is that it simplifies disposal of old equipment: A PC or drive can be sold or scrapped with less fear that dumpster divers will be able to access trade secrets or customers’ private data.

“IBM is already shipping some servers with a TPM,” says Clain Anderson, director of security and wireless at Lenova. “We expect to see them become a lot more widespread.”

Critics of Trusted Computing have long warned that it is really intended for consumer DRM, so trusted storage raises obvious fears. Because it requires that a simplified TPM chip travel alongside the encrypted data, it’s unlikely to be applied to media such as CDs and DVDs. However, it or a similar TCG spec for cell phones published last year could eventually be used by music, video or e-book download services to restrict content transferred to MP3 players and other portable gadgets.0