Hu Yoshida

Storage security must be designed in from the beginning

Blog Post created by Hu Yoshida Employee on Nov 7, 2014

Mar 12, 2014

 

Storage security is getting more attention, as I outlined in my top 10 trends post in December. In that post I talked about the availability of data encryption in the backend directors of Hitachi storage systems (VSP, HUS VM and HUS 150) with local or external key management. This encryption was designed into our storage systems, as were many other security and privacy features. Security is not something that you can bolt on as an afterthought.

 

The advantage of our data encryption is that it is designed into our backend directors and can provide data encryption using the latest AES 256 in XTS mode. AES 256 stands for Advanced Encryption Standard with a 256-bit key. XTS is an encryption mode for disks whose inputs are the cryptographic key, the data itself, the sector number where the data is stored, and the block number within the sector. Since the encryption is done in the backend director, any disk attached to that backend director can be encrypted, including flash drives from any vendor. If your storage system does not have this capability in its design, the alternative is to use self-encrypting drives, which require additional management and carry higher procurement costs than non-self-encrypting drives. Unfortunately if you plan to use flash, there are no self-encrypting flash drives that I know of.
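To make the XTS description above concrete, here is an added example (not from the original post and not Hitachi's implementation) that implements per-sector AES-256-XTS in Go with only the standard library and shows identical plaintext encrypting differently by sector number and by block position. The function name `xtsSector`, the key and the sample sector are constructed for illustration; ciphertext stealing for sectors that are not a multiple of 16 bytes is left out.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
)

// xtsSector applies AES-256-XTS to one sector (hypothetical helper).
// key is 64 bytes: 32 for the data cipher, then 32 for the tweak cipher.
func xtsSector(key, in []byte, sector uint64, decrypt bool) ([]byte, error) {
	if len(key) != 64 || len(in)%16 != 0 {
		return nil, fmt.Errorf("need a 64-byte key and whole 16-byte blocks")
	}
	dataC, _ := aes.NewCipher(key[:32]) // cannot fail: lengths checked above
	tweakC, _ := aes.NewCipher(key[32:])
	op := dataC.Encrypt
	if decrypt {
		op = dataC.Decrypt
	}
	var t, buf [16]byte
	binary.LittleEndian.PutUint64(t[:8], sector) // sector number seeds the tweak
	tweakC.Encrypt(t[:], t[:])
	out := make([]byte, len(in))
	for off := 0; off < len(in); off += 16 {
		for i := range buf {
			buf[i] = in[off+i] ^ t[i]
		}
		op(buf[:], buf[:])
		for i := range buf {
			out[off+i] = buf[i] ^ t[i]
		}
		// Next block in the sector: multiply the tweak by alpha in GF(2^128).
		var carry byte
		for i := range t {
			t[i], carry = t[i]<<1|carry, t[i]>>7
		}
		t[0] ^= 0x87 * carry // reduce only when a bit was shifted out
	}
	return out, nil
}

func main() {
	key := sha512.Sum512([]byte("constructed demo key")) // 64 bytes, demo only
	plain := bytes.Repeat([]byte("SAME 16B BLOCK!!"), 32) // constructed 512-byte sector
	c0, _ := xtsSector(key[:], plain, 0, false)
	c1, _ := xtsSector(key[:], plain, 1, false)
	fmt.Println(bytes.Equal(c0, c1), bytes.Equal(c0[:16], c0[16:32]))
}
```

Decrypting a sector with the wrong sector number yields garbage, which is why ciphertext copied from one disk location to another does not decrypt to the original data.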

Hitachi storage systems support a simplified key management approach for key protection, backup, and recovery for those customers that do not have an existing key management infrastructure in place. For those customers that already have a formalized key management infrastructure, support is provided for the Key Management Interoperability Protocol (KMIP) for backup and recovery of data encryption keys, as well as trusted source operations, which will integrate with many key management products on the market today. Encryption and key management events are logged in Hitachi storage systems as part of the logging process. It is not known how logging is done for self-encrypting drives.

Audit logging has been designed into our enterprise storage arrays as far back as 2005. Audit logging provides traceability of security events on any device, a standard requirement in any regulated environment. The audit logging capabilities include the ability to internally or externally log security events. External audit logging is done via Syslog on an event-driven basis with time and date stamping.

Multi-tenancy is another key feature that was designed into the architecture of our storage product. This was designed with storage virtualization in mind. Rather than using multiple storage systems for physical separation of resources, resource partitions allow multiple users to safely coexist on a single storage system without the risk of activities in one region affecting performance, availability, or privacy in others. This functionality leverages the virtualization capability of our VSP and HUS VM to implement consolidation strategies in a manner that enables secure access for applications, storage administrators, and business units while supporting mainframe (VSP only) and open systems environments simultaneously. Resource partitions can horizontally or vertically segment VSP or HUS VM, enabling management flexibility while leveraging existing directory service infrastructure (AD/LDAP) for management access control.

Our enterprise storage systems as far back as 1996 were designed with the separation of control data cache from user data cache. This separation enabled the ability to configure the data cache on the fly and eliminate the need to take the system down to remap the cache when the storage configuration was changed. This separation of control and data also made it possible to provide secure remote maintenance. If a remote service representative called into the storage system to diagnose a problem, he could only see the data in the control data cache, and never see or touch the user data cache. Other storage vendors store control information in their user data cache, which exposes their data to external service providers.

This is a short list of security features that were designed into Hitachi storage systems, going back through many generations of our products. Some features, like encryption, can be done outside of the design by adding self-encrypting disks, but that does not leverage the other features in the design, like audit logging. Other features, like multi-tenancy and separation of control from user data, must be designed into the basic architecture from the very beginning. For added assurance, Hitachi certifies its storage systems with ISO Common Criteria certification. This certification requires the use of “positive security engineering at the design stage”.
