Peerless DRM and Enterprise Security-Enabled Removable Data Storage Cartridges
A discussion of security issues and architectures for removable data storage.
Fred Thomas, Chief Technologist, Adv. R&D, R&D
RSA Conference 2002
Feb. 21, 2002 Fred Thomas, RSA Conference 2002
Overview of Today’s Presentation
• The Presenter – Fred Thomas
• Iomega Involvement – Who is Iomega?
• Topics
– Peerless
– Peerless Latent Data Security Features
– Data Security Applications for Removable Storage
• Peerless DRM Solution Discussion
• Peerless Enterprise/Government Centric Data Security Solution Discussion
– Synopsis of message
Peerless Description
Peerless Specifications
General
• Disk Storage Capacity: 10GB or 20GB
• Operating System Compatibility
– USB: Windows 98 / Me / 2000, Mac OS 8.6 - 9.x
– IEEE 1394: Windows 98 SE / Me / 2000, Mac OS 8.6 - 9.x
• External Connections
– USB: USB connector
– IEEE 1394: (2) 6-pin 1394 connectors
Performance
• Average Seek Time: 112 ms (read), 13 ms (write)
• Typical Start/Stop time: 3.0 sec
• Average Data Transfer Rate
– USB: Up to 1 MB/sec
– IEEE 1394: Up to 15 MB/sec
• Segmented Buffer with write cache: 2MB - Upper 174KB is used for Firmware
• Rotational Speed: 4200 RPM
Peerless Latent Security Features
• Secure Memory Device (SMD) with cryptographic authentication (SmartCard Technology) in Peerless data storage cartridge.
• Asymmetric encryption keys and strings embedded in SMD.
• Drive µP capable of host PC isolated asymmetric string encryption.
• Factory encryption of cartridge unique media serial number with private key series for cartridge seeding.
• Unalterable media serial number – In SMD and on media.
• Cartridge based latent irradiance tag authentication system.
Peerless Block Diagram
[Figure: block diagram showing the Peerless Cartridge, the Peerless Drive and the Interface Module. Labelled blocks include the Secure IC, ID Tag, ID Circuitry, Bus Switch and IDE Slave I/O.]
Data Security Applications for Removable Data Storage
• DRM (Digital Rights Management)
• Enterprise Secure Drive Product
– Address the data security needs of the enterprise/government organization, not the individual.
What is DRM?
• Digital Rights Management.
• In this context, DRM means the use of technology to protect copyrighted information in digital form.
– e.g. Music, Video, Publications
– Technology Objectives: Check-in Check-out, limited device play capability, tracking of content owners, limited digital copying, tying content to limited hardware, etc.
• The industry players driving DRM are the “Content Providers.”
– BMG Entertainment, Sony, EMI Capitol Records, Universal Music Group, … etc.
What is the Role of Removable Data Storage Drive/Media Manufacturer In the DRM Landscape?
• DRM Roles:
– Content Providers
– Security Technology providers (H/W, encryption: RSA, Certicom, Atmel, Digimarc, etc.)
– DRM Secure Delivery providers (Host Software: Liquid Audio, InterTrust, Microsoft)
– DRM Enablers (Device Mfgrs: Iomega, Microsoft, SanDisk, Diamond Rio, etc.)
– DRM Killers (Napster, open environment computers, internet, hackers ..)
• Iomega perspective: Iomega should address the basic DRM problem from a removable media provider’s perspective in a robust manner, but also in a manner that is as user/customer non-intrusive as possible.
What is the Requirement of DRM from Removable Data Storage?
• Removable Data Storage Drive/Cartridge’s DRM Role:
Pass a unique*, unaltered and authenticated media serial number (MSN) from an Iomega data cartridge to a third-party DRM Software application upon an invoked authenticated MSN transfer call by the third-party DRM Software application. This should be done without the requirement for Internet connectivity.
*At present all Iomega removable magnetic media has a unique media serial number encoded on it.
The Removable Data Storage Secure Pipe Problem
Peerless SMD Contents
MS# - Peerless Media Serial #
DK - Drive Private Key # (1 of numerous loaded at factory off of trade-secret list)
DKI# - Drive Private/Public Key Index number
FEMS# - Factory Encrypted MS# (asymmetrically encrypted at Factory with trade-secret private key list L4)
FKI# - Factory Private/Public Key Index Number
A Peerless Path to Robust DRM Support Capability
A DRM Protocol for Peerless
Participants, from host to media:
• DRM Capable Third-Party Software Application with Iomega AMC Toolkit (TPS)
• Iomega Software Driver (IDS)
• Iomega Removable Media Drive
• Iomega Data Storage Media
Down the Pipe Events
• Third-Party Software Application:
1) Generate R#1 (Random #1) & store.
2) Invoke AT (Authenticated Transfer).
Passed down: AT, R#1
• Iomega Software Driver:
1) Generate R#2.
2) Store R#1 & R#2.
Passed down: AT, R#1, R#2
• Iomega Removable Media Drive:
1) Receives AT request.
2) Checks cartridge phosphor tag.
3) Authenticates with SMD.
4) Fetches MS#, DK, DKI#, FEMS# & FKI# from SMD.
Passed down: SMD authentication variables.
• Iomega Data Storage Media:
1) SMD authentication response calculation.
2) Physical reading of media MS# by actuator.
3) Phosphor tag glows in appropriate manner.
Up the Pipe Events
• Iomega Data Storage Media:
Passed up: SMD authentication variables followed by MS#, DK, DKI#, FEMS# & FKI#
• Iomega Removable Media Drive:
1) Compares SMD MS# with media MS#.
2) Asymmetrically encrypt MS#, R#1, R#2, FEMS# & FKI# using DK to produce ES1.
3) Pass ES1 & DKI# to IDS.
Passed up: ES1, DKI#
• Iomega Software Driver:
1) Use DKI# to get DK to decrypt ES1.
2) Check for R#1 & R#2 in ES1.
3) Pass ES1 & DKI# to TPS.
Passed up: ES1, DKI#
• Third-Party Software Application:
1) Use DKI# to get DK to decrypt ES1.
2) Check for R#1 in ES1.
3) Use FKI# to get FK to decrypt FEMS#.
4) Compare result with MS#.
5) If match - AT is complete!
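The authenticated transfer above, simulated end to end as an added example (not part of the original slides and not Iomega code). It shows why the checks matter: the nonces R#1 and R#2 defeat replay of a captured ES1, and the FEMS# comparison rejects a cartridge whose MS# was altered. Assumptions: toy textbook RSA with small constructed keys, each field transformed separately, host key tables that use only the public half of each indexed key, and all function names and index values (4, 7) hypothetical.

```python
import secrets

E = 65537  # public exponent shared by all toy keys

def keypair(p, q):
    """Toy textbook-RSA key: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed key tables indexed as on the slide (FKI#, DKI#). Mersenne primes
# keep this short; real keys would be full-size and used with a padded scheme.
FACTORY_KEYS = {4: keypair(2**61 - 1, 2**89 - 1)}
DRIVE_KEYS = {7: keypair(2**107 - 1, 2**127 - 1)}

def make_cartridge(ms, fki=4, dki=7):
    """Factory seeding: FEMS# is MS# transformed with the factory private key."""
    n, d = FACTORY_KEYS[fki]
    return {"MS": ms, "FEMS": pow(ms, d, n), "FKI": fki, "DKI": dki}

def drive_respond(smd, media_ms, r1, r2):
    """Drive, up the pipe: compare MS# copies, then build ES1 with DK."""
    if smd["MS"] != media_ms:
        return None
    n, d = DRIVE_KEYS[smd["DKI"]]
    fields = (smd["MS"], r1, r2, smd["FEMS"], smd["FKI"])
    return [pow(f, d, n) for f in fields], smd["DKI"]

def open_es1(es1, dki):
    """Host side: DKI# selects the key; only its public half (n, E) is used."""
    n, _ = DRIVE_KEYS[dki]
    return [pow(c, E, n) for c in es1]

def tps_verify(es1, dki, r1_expected):
    """TPS steps 1-5: returns the authenticated MS#, or None on any failure."""
    ms, r1, _r2, fems, fki = open_es1(es1, dki)
    if r1 != r1_expected or fki not in FACTORY_KEYS:
        return None
    n, _ = FACTORY_KEYS[fki]
    return ms if pow(fems, E, n) == ms else None

def authenticated_transfer(smd, media_ms):
    """One full AT round trip: TPS -> IDS -> drive -> IDS -> TPS."""
    r1, r2 = secrets.randbits(64), secrets.randbits(64)  # TPS and IDS nonces
    reply = drive_respond(smd, media_ms, r1, r2)
    if reply is None:
        return None
    es1, dki = reply
    if open_es1(es1, dki)[1:3] != [r1, r2]:              # IDS check
        return None
    return tps_verify(es1, dki, r1)
```

The protocol on the slide does not rely on Internet connectivity, and neither does this sketch: every check uses only the key tables held by the host and the values returned by the drive.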
Why an Enterprise Centric Secure Removable Data Storage Product?
• Allows utility of cartridge-based removable data storage technology into corporate, university & government computing environments where removable storage is seen as a liability at present due to information security considerations.
• A seamless solution which supports a spectrum of data security solutions as a core building block.
Specific Enterprise Secure Drive System Objectives
• Provide enterprise centric security solution, not individual centric solution
• Data transportability within the enterprise while addressing the “Dedicated Insider Threat”
• Maintain ability to physically secure data and enhance this attribute
• Incorporate linkage and support of user authentication and tracking in disk file management
• Secure and authenticated drive data transfers
• Manage “possible” security lapses in future - updateable system
• Provide enterprise centric Digital Rights Management (DRM) – Secure Pipe
• Transparent compatibility with other data encryption software
• Low cost solution / do not re-invent the wheel / use existing technology
Enterprise Secure Drive Building Blocks
• Encryption (Symmetric vs. Asymmetric)
• Authentication (Hash Function, Digital Signatures & Biometric)
• Distribution of security
• Physical linkage (Smart Card Secure Memory Devices)
• Migration capable
• RF tag technology
• “Non-exposed” security mechanisms
The “Cash in the Bag” Problem
Peerless Enterprise Drive Distributed Encryption Key Implementation
Conclusions about Security Market from the Perspective of Removable Data Storage
• Hard to see path to DRM revenues from removable data storage supplier perspective at present.
• Enterprise Secure Drive product may be a large niche market for Iomega with long legs into the future.
• From a technology development perspective, both robust DRM and Enterprise security for removable data storage can be addressed with many of the same tools and resources. Co-development recommended.
• To most effectively address and sell to this market, Iomega should seek an appropriate E-Security partner.
Objectives of Today’s Talk
• Create an awareness within the E-security community of the data security technologies fielded in Peerless and other Iomega removable storage devices.
• Explore possible routes to commercializing this new class of security features embedded within removable data storage devices. We are looking for a partner/partners with a strong presence in the enterprise/government data security marketplace, with a focus on hardware solutions. This partner/partners would provide resources to help evaluate, develop and sell a secure removable data storage solution for this market.
Iomega Contact Information
Business Contact:
Tim Dammon
Product General Manager
Iomega Corporation
4435 Eastgate Mall
San Diego, CA 92121
Phone: 858-795-7049
Fax: 858-795-7004
Email: [email protected]
Technical Contact:
Fred Thomas
Chief Technologist, Adv. R&D, R&D
Iomega Corporation
1821 West Iomega Way
Roy, UT 84067
Phone: 801-332-4662
Fax: 801-332-1030
Email: [email protected]
Have a Good Day!