Opal promising interoperable disk-drive security

Next week the Trusted Computing Group, the organization that fosters vendor-neutral standards for the computing industry, is expected to unveil its new Opal security specification for disk drives.

The Opal Security Subsystem Class Specification 1.0, as it's officially called, offers a set of mechanisms and protocols for disk-drive encryption, authentication, configuration and policy management. When implemented in disk drives and supporting client and security-management software, Opal would provide IT managers with flexibility and interoperability in managing computers using Opal.

In theory, Opal-based security management software from any vendor could be used with any Opal-based disk drive, regardless of the manufacturer. At least that's the idea, according to industry proponents backing Opal.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Next week the Trusted Computing Group, the organization that fosters vendor-neutral standards for the computing industry, is expected to unveil its new Opal security specification for disk drives.

The Opal Security Subsystem Class Specification 1.0, as it's officially called, offers a set of mechanisms and protocols for disk-drive encryption, authentication, configuration and policy management. When implemented in disk drives and supporting client and security-management software, Opal would provide IT managers with flexibility and interoperability in managing computers using Opal.

In theory, Opal-based security management software from any vendor could be used with any Opal-based disk drive, regardless of the manufacturer. At least that's the idea, according to industry proponents backing Opal.

"This is a joint effort to come up with a security specification," says David James, vice president of advanced product engineering at Fujitsu, which expects to have Opal support in all of its Notebook drives, both the 5400 rpm and 7200 rpm, during the second quarter of this year.

James says Seagate and Hitachi are also the disk-drive manufacturers working on Opal, as well as a contingent of software vendors, including Wave Systems, McAfee, and Microsoft.

"The basic objective is how do we embed security in the drive, to have encryption and authentication, and do it in a standardized way so it works no matter what drive you have," says Lark Allen, vice president of corporate development at Wave Systems.

Opal provides a way to make sure encryption keys never leave the disk drive and also aren't vulnerable to Windows-based attacks that have been demonstrated in the past, he says. Opal itself is not tied to any operating system and is "OS independent," he adds.

Wave Systems and Fujitsu have demonstrated that Fujitsu's Opal implementations work with the Opal code supported by Wave Systems Trusted Drive Manager software. Much more regarding vendor support and interoperability testing is expected to be heard next week as the Trusted Computing Group shows of Opal.

Read more about security in Network World's Security section.