Regulatory and data privacy compliance requirements are growing with the unfortunate prevalence of criminal data breaches, accidental data loss and purposeful or inadvertent data exposure. Adding to the problem, the amount of data being stored is increasing at an exponential rate. Tom Coughlin, founder of the storage consulting firm Coughlin Associates, projects that by 2015, data storage in various locations will include a petabyte (1,000,000,000,000,000 bytes) in the home and exabytes (1,000,000,000,000,000,000 or a billion billion bytes) in data centers. In 2006, the world's computers generated and processed 161 exabytes of data.

Sensitive data spends most of its productive life in storage devices. This sensitive data, vital to the competitiveness and viability of modern business, must be secured. Effective storage system security relies upon a key management system that protects data from disclosure, modification or loss, whether the data becomes part of a permanent archive or is needed for only a fraction of a second. In fact, according to research by Trusted Computing Group (TCG), 50 percent of IT professionals believe encryption of data at rest to be more vulnerable that encryption of data in flight.

To help solve the problem of data loss and associated financial, repudiation, and governmental compliance issues, TCG formed the Storage Work Group (SWG), which has defined security services across dedicated storage interfaces. The resulting open and widely available specification encompasses ATA, Serial ATA, SCSI, Serial Attached SCSI, Fibre Channel, USB Storage, IEEE 1394, Network Attached Storage (TCP/IP) and iSCSI technology, and various storage mechanisms, including hard drives, optical, tape and flash devices. Vendors are starting to implement this specification in products such as full disk encrypting drives and the group is beginning to address security for optical devices.

The TCG's storage specification recognizes that organizations attach trusted storage devices to a host computer. It also recognizes that storage policies become a priority in securing control of storage devices through deliberate location of storage hardware and/or data encryption. In addition, the TCG recommends secure, session-oriented messaging to storage devices using passwords and digital keys.

To expand on the notion of key management services as they related to the TCG storage specification, TCG recently established the Key Management Services Subgroup to pursue specific methods of managing cryptographic keys for storage devices. The full lifecycle of keys — generation, management, transmission, and disposal — is being explored. The subgroup is initially focused on storage devices and data at rest.

KEY MANAGEMENT CHALLENGES

For data to be truly secure, management of keys has to be foolproof and transparent to data users. Just as data security is threatened by disenfranchised employees seeking harm or profit from the disclosure of sensitive information, electronically stored assets are at risk if system administrators are unaware of key-protected datasets or if access is unavailable.

Encryption provision must be an accepted part of IT's information management practice. Their implementation must be bilateral so the network administrator can account for every application of the keys and manages their use, although this does not mean the network administrator has access to the data protected by the keys. In addition, a common authority for key management enables data security audits, nurtures a standard for key distribution and helps ensure sufficient protection under a key architecture.

The problems of key management are not only technical. IT employees, given the responsibility for key management, must be recognized as trusted stewards within the organization for key management to work. Data owners, sensitive to the privacy of their information assets, will want assurance of privacy. Part of TCG's key management services effort is to address the accountability of the key management structure so that every stakeholder is confident about the integrity of the data security system.

The TCG Storage Specification enables applications to take advantage of a number of established and well known trust and security services, including cryptography, public key cryptography, digital signatures, hashing functions, random number generation (RNG) and secure storage. These services require several different types of keys:

Signature verification key
Secret authentication key
Long-term data encryption
Key encrypting another key used
Key for key wrapping
Signing key
Private authentication key
Short-term data encryption key
RNG key
Key transport public key
Secret authorization key
Private authorization key

KEY MANAGEMENT: AN APPLICATION

Key management is the complete set of operations necessary to nurture and sustain encrypted data and its associated keys during the key and data lifecycles. A key management system is an implementation of all or parts of these key management operations.

As with any organizational operation, effective key management demands policies that incorporate business security requirements into a process that includes comprehensive key creation, assignment, distribution, maintenance, elimination and retirement. These key management policies ensure that the use of any key will result in auditable records, which in turn, assures security enforcement effectiveness

With the publication of TCG's Storage Specification, the key management subgroup has been tasked with defining a uniform approach to managing keys across storage devices. This effort includes defining key management operations to sustain encrypted data and its associated keys; outlining key management audit processes, and leveraging the TCG storage specification protocols and techniques for secure communications. Additionally, the group will recommend appropriate procedures, protocols and client application program interfaces (APIs) to implement authentication, discovery, and communication procedures.

TCG's key management efforts, as outlined in a new application note available November 2007 at https://www.trustedcomputinggroup.org/ groups/ storage/, address:

Secure communication between the storage device and the host system.
Authentication between the storage device and the host system.
Discovery of the storage device capabilities.
Compliance with existing data security regulations
Flexibility to comply with future state and federal legislation.

Standards for key management and their application to systems and operations formalize the purpose of this IT responsibility. With a common framework for key management in place, IT can take centralized control of secure storage keys, acting as a clearinghouse service for stored data access rights, distribution of keys, backup and restoration of key material, deletion or destruction of key material, audit of the individual key's lifecycles, reporting of secure storage alerts, and enforcement of key policy.

Government, medical, legal, insurance, pharmaceutical, financial services and banking sectors need key management services and standards. The work of TCG and its members will allow users to implement key management operations that enable appropriate levels of data interaction and security:

Storage through multiple internal and external trusted devices.
Key generation by request or automated rules.
Audits of key usage
Storage and retrieval of keys.
Modification of keys
Search for assigned keys.
Documenting key access rights
Disabling and/or destruction of keys. ENS