P1619 safeguards data at rest

Proposed standards protect information on disk and tape.

For the past few years, banking, credit and retail industries have been rocked by one massive data theft after another. The common thread: The data was not encrypted and thus was available to criminals looking to steal private identity and financial information.

To counter this disturbing trend, the IEEE Security in Storage Working Group (SISWG) is developing two related standards that use encryption to protect stored data, known as data at rest. The first, P1916, is nearing completion; it sets out to protect data stored on disks. The more recent standard, P1619.1, is for protecting data stored on tape.

Work on the disk security standard began almost four years ago with an investigation into how the challenge should be addressed. Encryption was regarded as the most straightforward and reliable means of data protection, but it was problematic because 512-byte disk blocks contained no extra space to insert traditional cryptographic computations known as integrity check values (ICV). Another method had to be found to protect the data.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

For the past few years, banking, credit and retail industries have been rocked by one massive data theft after another. The common thread: The data was not encrypted and thus was available to criminals looking to steal private identity and financial information.

To counter this disturbing trend, the IEEE Security in Storage Working Group (SISWG) is developing two related standards that use encryption to protect stored data, known as data at rest. The first, P1916, is nearing completion; it sets out to protect data stored on disks. The more recent standard, P1619.1, is for protecting data stored on tape.

Work on the disk security standard began almost four years ago with an investigation into how the challenge should be addressed. Encryption was regarded as the most straightforward and reliable means of data protection, but it was problematic because 512-byte disk blocks contained no extra space to insert traditional cryptographic computations known as integrity check values (ICV). Another method had to be found to protect the data.