Dec 27 -- The Institute of Electrical and Electronics Engineers Inc. (IEEE) has approved two new standards regarding the encryption of data on computer hard drives and other storage devices. The standards will establish systems of protection for financial, consumer, military and medical data, IEEE said last week.
The first standard, IEEE 1619 "Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices", addresses data storage on disk drives, IEEE said. The second approved standard, IEEE 1619.1 "Standard for Authenticated Encryption with Length Expansion for Storage Devices", deals with data encryption on enterprise-class tape drives, it said.
The IEEE is a global technical professional society. Through its more than 370,000 members in 160 countries, the organization is a leading authority on a variety of areas ranging from aerospace systems, computers and telecommunications to biomedical engineering, electric power and consumer electronics, IEEE said. Dedicated to the advancement of technology, the IEEE publishes 30 percent of the world 's literature in the electrical and electronics engineering and computer science fields, and has developed nearly 900 active industry standards. The organization also sponsors or co-sponsors over 450 international technical conferences each year, it added.
The IEEE Standards Association is a globally recognized standards-setting body, which develops consensus standards through an open process that brings diverse parts of industry together, IEEE said. These standards set specifications and procedures based on current scientific and technological consensus. The IEEE-SA has a portfolio of over 870 active standards and more than 400 standards under development, it said.
These standards were developed by an international team of storage technologists, cryptologists and cryptographers, according to the IEEE Security in Storage Working Group (SISWG) and the 1619.1 task group. These standards will help companies to comply with the data-protection requirements of legislation such as the Sarbanes-Oxley Act and California's SB 1386, it added.
With the approval of the 1619 and 1619.1 standards, the IEEE has simultaneously reinforced the importance of securing storage technologies and ecosystems, as well as offered specific mechanisms that can be used to protect sensitive data, SISWG said. IEEE's continued leadership associated with security in storage is critical to the on-going efforts to combat the threats against data, it added
Security in storage impacts all kinds of financial transactions, third-party storage of corporate data, military operations, healthcare information, and all other segments of the critical infrastructure of society, according to the IEEE Information Assurance Standards Committee, which co-sponsored the development of the standards.
These standards were developed over a period of several years, involving effort from many experts with multiple focuses of interest, IEEE said. These standards also provide a blueprint for developing encryption systems for storage which are trustworthy and secure, due to the multiple reviews the standard went through, and interoperable, because if everyone uses the standard they can create systems which work together, it said.
IEEE 1619 and 1619.1 are the third and fourth IEEE security in storage standards, following on the heels of IEEE 1667 (2007) "Protocol for Authentication of Transiently Connected Storage Devices" and IEEE 1244.2 (2000) "Media Management System (MMS) Session Security, Authentication Initialization Protocol (SSAIP)", IEEE said.
