Security Basics mailing list archives
Re: [unisog] OT: Putting Encyption Functions in the HDDs
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Fri, 28 Apr 2006 14:47:44 -0700
I know it might be early to ask, but anyone tried them in a corporate environment? I'm curious to know how a global key management can be achieved? What if someone leaves and does't disclose their password,
A paper available at http://now.eloqua.com/eloquaimages/clients/Seagate/{aa786575-884c-4601-8797-a6ea0e1fbe68}_TP-541_-_Seagate_FDE.pdf or http://fde.seagatestorage.com/ talks about this. It is possible to escrow the keys or create a master password.
I guess those drives must be tightly integrated with the laptop itself? Via some sort of trusted computing controler? If so, what laptop vendors do support this? Probably IBM... but how about others?
As far as I know it NOT dependant on the controller. So any computer should support it.
Passwords are not too safe so how about smart card support? How does that work? Again probably very integrated with the laptop.
You can always use 2-factor authentication instead of static password. Seagate's FDE drives can use biometric, RSA token, or smartcards. This was demo at CeBIT using TiDoCoMi from Secude. See http://www.xml-dev.com/lurker/message/20060425.142230.0ba0d4b8.en.html for an article that discusses this.
Anyone had a chance to "play" with those drives in a real world environment? Many thanks!
Not yet!! But waiting impatiently :) -- Saqib Ali, CISSP, ISSAP Support http://www.capital-punishment.net ----------- "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 ----------- ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- Re: Re: [unisog] OT: Putting Encyption Functions in the HDDs securityfocus (May 01)
- Re: Re: [unisog] OT: Putting Encyption Functions in the HDDs Saqib Ali (May 01)
- <Possible follow-ups>
- Re: [unisog] OT: Putting Encyption Functions in the HDDs Saqib Ali (May 01)
- RE: [unisog] OT: Putting Encyption Functions in the HDDs Thomas D. (May 01)
- Re: [unisog] OT: Putting Encyption Functions in the HDDs Saqib Ali (May 20)