Network Computing is part of the Informa Tech Division of Informa PLC

Encryption Standards in Slow Lane

When it comes to protecting data, few IT pros would argue against the need for a multilayered, multifaceted approach -- one that includes the encryption of data on disk- or tape-based storage devices. But near term, products that encrypt "data at rest" on storage gear are likely to be strictly proprietary.

To review the problem: Experts warn that stored data is as much at risk of being tampered with, stolen, or hacked as data traversing a corporate LAN or WAN. (See Backup Poses Risk, SANS Warns.) The problem is addressed by a small but robust group of appliance makers. (See Encrypt the Hard(ware) Way.) As well, makers of storage equipment are starting to add encryption as a standard feature. (See Sun Fills in Storage Crypto Details and MaXXan Adds Encryption.) Software vendors, too, are increasingly featuring encryption as an automatic function of backup. (See Backup Encryption Mulled and Atempo Advances Encryption.)

All well and good. But under the covers, problems lurk. It's still a challenge for many shops to adopt encryption in a way that not only protects data but ensures it's searchable and retrievable as needed. (See Building an Encrypted (But Accessible) Archive.) This is because different storage systems use different methods of handling encrypted data, even if they use the same kinds of encryption techniques inside the box.

Two different devices, for instance, can use AES-256 to scramble information, but deciphering the data can only be done on a per-device basis, using the vendor's keys.

It would be nice to have a standard way to encrypt data at rest in disk and tape devices. And that's just what the Institute of Electrical and Electronics Engineers Inc. (IEEE) agreed to undertake, when, in August 2002, the group gave the green light to Project 1619, a "Standard Architecture for Encrypted Shared Storage Media."
