存储安全净化演变.pdf

《存储安全净化演变.pdf》由会员分享，可在线阅读，更多相关《存储安全净化演变.pdf（16页珍藏版）》请在三个皮匠报告上搜索。

1、1|2024 SNIA.All Rights Reserved.Storage Sanitization Recent EvolutionPresented by Paul SuhlerPrincipal Engineer,SSD Standards,KIOXIAChair,IEEE Security in Storage Working Group2|2024 SNIA.All Rights Reserved.AbstractThe need to eradicate recorded data on storage devices and media is well understood,

2、but the technologies and methodologies to do it correctly can be elusive.New standards are being developed that build upon the ISO/IEC 27040(Storage security)and IEEE 2883-2022(Standard for Storage Sanitization)international standards.These provide more clarity for organizations as well as enhanced

3、expectations of what is meant by reasonable security.Standards organizations are improving the coordination of their work,which will provide a more coherent set of standards.This session describes the framework of standards and highlights new capabilities and ongoing developments.3|2024 SNIA.All Rig

4、hts Reserved.Learning objectivesUnderstand new developments in data sanitization and related standards,which standards are of use to the listeners organization,and which standards bodies are addressing different aspects of sanitization.4|2024 SNIA.All Rights Reserved.OutlineVocabularyNew capabilitie

5、sWork in progressThe standards environmentSummaryCall to action5|2024 SNIA.All Rights Reserved.Sanitization vocabulary Sanitization methods(from IEEE 2883-2022):Clear:User data cannot be read from the device.Purge:User data cannot be recovered from media even if the device is disassembled and the me

6、dia read at a low level.Destruct:Device is destroyed and data cannot be recovered from the remains of the media.Purge:All user data in the storage device is eradicated:Including caches,controller memory buffer,persistent memory region,etc.Techniques:cryptographic erase,block erase,or overwriting.Dev