Industrial
Cyber hardening: this message couldself-destruct
Protecting sensitive information has become such an important issue, it now has a name – cyber hardening. Innodisk, the Taiwanese expert in industrial embedded memory, has pioneered cyber-hardening technology, and as we will see, with their new range of secure flash drives they bring us closer to that ultimate delete key - physical self-destruction
E Level one deterrent: encryption
ncrypting the data provides the first line of defence. Innodisk's 3MG2-P AES series protects on-board data by locking it behind a theoretically unbreakable algorithm. There is nothing around capable of breaking the AES 256- bit encryption and nothing on the horizon either. To access the drive's data, users need not one, but two keys comprised of long passwords. One of the keys is created by the user and the other by the drive itself. The key generated by the drive is never disclosed. Both keys are required to read the data and although it's possible to have a guess, it would take a few trillion years to try all the possible alternatives. The user key is requested whenever the flash drive or SSD (Solid State Drive) is powered up. The drives also feature additional security measures such as re- authorisation from other users to reach deeper levels of data, or they can be configured to work within specific timing conditions. The 3MG2-P AES drives are hardware based so their function as storage devices is unaffected by the unbreakable AES 256-bit encryption.
Access data on a need to know basis thanks to in-built portioning Compliant with the TCG OPAL 2.0 as standard, the 3MG2-P AES drives allow the use of multiple passwords or keys each of which can hold different levels of clearance and alternative modes of data access.
Level two: this message will self-destruct If there is no other option then the destruction of sensitive data is the obvious answer. In terms of the military, intelligence can be everything and other nations and powers will spend huge resources to obtain it.
A drive with an inbuilt mass deletion command isn't just useful for military applications. Imagine a scenario where vast drives are required to be reallocated in short time frame. Maybe an important scientific study where one branch of the project has shown significantly more
www.cieonline.co.uk
promise than another. With a single command, it would be possible to free up drives for reuse in a matter of minutes with no danger of passing on viruses or accidentally passing on classified or confidential material. Nothing left, but a clean slate. Innodisk provides a number of emergency data deletion solutions. Some are stand alone, while others require additional criteria which can be set to comply with the end-user’s standards and governmental legislation.
InnoRobust
InnoRobust is the suite of deletion technologies devised by Innodisk that comprises three types: Quick Erase, Security Erase and Destroy functions.
Quick Erase
Quick Erase is the simplest erase function. Once triggered, a flash erase command is sent, and deletes any data held on the flash memory chips.
A number of flash drives have similar functions. However, concerns have been raised that the simplicity of the procedure could leave residual data, which could be read later. It's possible that a skilled data engineer could still access some information even if it has been overwritten
High voltage is employed completely destroying the flash cells and firmware. This Physical Destroy function ensures data is unrecoverable
a number of times. Because of these concerns InnoRobust offers a deeper level of erase function, Security Erase.
Security Erase Security Erase promises a more thorough cleanse than Quick Erase. The difference is simple; Quick Erase simply sends an internal flash erase command whereas Security Erase actively deletes and re rewrites the flash memory chips in a much more comprehensive manner, often retracing its steps and repeating the process a number of times. Security Erase uses a number of protocols similar to those used by the US military and other intelligence agencies and the exact method is user-selectable.
In the end, Security Erase renders
previous data on a drive unreadable by rewriting it in a way which leaves no trace of the drive’s previously stored data. The only issue with Security Erase is the time factor. Because the process is thorough, it requires much more time to perform a Security Erase than it does to complete a Quick Erase.
Innodisk's 3MG2-P AES Self Encryption Drives, employ an on-board encryption engine which secures data transparently without sacrificing the drives speed
Critical data erasing If time is a critical factor in the removal of data, there is a third option to consider. Quick Erase will only take a few seconds, but can be unreliable. Security Erase is more thorough, but requires minutes or even hours to successfully complete its task. So what do you do, if you need data gone and you need it gone now? We told you this message would self destruct and we're finally there. The InnoRobust Destroy function is designed to work alongside the Security Erase protocol. Designed by Innodisk, this proprietary process effectively destroys the drive's flash memory making any data stored unrecoverable. This final line of defence also destroys any firmware on the drive rendering it useless. The physical destroy function is very much a one-way trip and involves deliberately exceeding the
flash chip's voltage limits. Once applied, the drive is permanently compromised; the data will be unrecoverable and the device cannot be repaired.
In the field: initiating a drive erase operation
An operator can trigger the emergency erase directly or remotely. If the device is to hand then the user need only connect the appropriate set of jumper pins on the rear of the drive. There are two sets of jumper pins on the device, one for a Security Erase and another for a Physical Erase. Activating the jumper manually is a
tricky procedure and is unlikely to be something one could do accidentally, covertly or under pressure. It requires some dexterity and would take time, besides destroying your data and flash drive is not something you would want to do on a whim. In a live action scenario, the user would have a separate station or console designed specially to activate the last chance protocol. This other device could also be fitted with further protection in the form of keys, codes or it might even require dual operators.
Remote triggering
If, in the worst case scenario you need to destroy data which for whatever reason is no longer in your possession, then the Destroy/Physical Erase protocol can be remotely activated. This could be particularly useful if the data is on-board a drone or a similar remote craft. The erase command could be triggered via a wireless signal or activated if the drive lost contact with its base station. There is always a small risk of hijacking or blocking a 'self destruct' signal. These risks can be diminished by introducing a fail-safe system. A drive's Destroy/Physical Erase protocol can also be activated if it senses an unauthorised attack or an attempt to access its files.
www.innodisk.com Components in Electronics September 2017 33
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48
