IEEE Security in Storage Working Group (SISWG)

Title: IEEE Security in Storage Working Group

Scope: The Security In Storage Working Group (SISWG) develops standards that address any aspect of security as it relates to data storage. The work of this group is of interest to storage developers, storage vendors, and storage system operators.

SISWG’s present and past work includes:

  • A family of standards on data sanitization: The IEEE 2883 family.
  • A family of standards on data encryption methods for storage components: The IEEE 1619 family.
  • A standard on Discovery, Authentication, and Authorization in Host Attachments of Storage Devices: The IEEE 1667 specification.

New Standards under Development:

P2883.1 – Recommended Practice for the Use of Storage Sanitization Methods

This standard will provide recommendations to organizations in making choices in the application of sanitization methods. Recommendations will consider risk, feasibility, effectiveness, economics, and environmental consequences.

Status: On 2024-05-27, draft D14 of P2883.1 was submitted to Mandatory Editorial Coordination (MEC).

P2883.2 – Recommended Practice for Virtualized and Cloud Storage Sanitization

This standard will provide recommendations to organizations in applying sanitization methods to virtualized and cloud storage systems. Recommendations will primarily focus on mitigation of risk within constraints posed by feasibility, effectiveness, economics, and environmental consequences.

Status: SISWG has created a subgroup to develop P2883.2.

P3406 – Standard for a Purge and Destruct Sanitization Framework

This standard will provide a framework of requirements for implementing the Purge and Destruct storage sanitization methods.

Revisions under Development for Published Standards:

P1619 – Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices (revision of IEEE Std 1619™-2018)

This standard defines the XTS-AES block cipher for logical block-oriented storage devices, also known as “XEX (XOR Encrypt XOR) Tweakable Block Cipher with Ciphertext Stealing (XTS) cryptographic mode of operation for the Advanced Encryption Standard (AES)”.

This new version of 1619 addresses comments from the National Institute of Standards and Technology (NIST) to improve the security of encrypted data by tightening limits on the amount of data that can be encrypted with a single encryption key. Upon publication of this new revision, NIST will revise SP 800-38E (“Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices”) to refer to the new revision of 1619.

This new version of IEEE 1619 will be of interest to any vendor of block storage devices, especially those devices with capacities in the terabyte range.

Status: Comments from Mandatory Editorial Coordination (MEC) were resolved, and P1619 is now in IEEE SA ballot, which will conclude on 2024-07-10. P1619 is also in public review, which will conclude on 2024-08-09. Public review comments (by non-voters) should be sent by e-mail to the chair.

P1667 – Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices (revision of IEEE Std 1667™-2018)

Published Standards:

IEEE Std 1619™-2018 – IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices

IEEE Std 1619.1™-2018 – IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices

IEEE Std 1619.2™-2021 – IEEE Standard for Wide-Block Encryption for Shared Storage Media

IEEE Std 1667™-2018 – IEEE Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices

IEEE Std 2883™-2022 – IEEE Standard for Sanitizing Storage Media

Meetings:

SISWG meets via WebEx every other Friday from 14:00 to 16:00 Pacific Time.

Membership:

SISWG is an individual membership working group. Members do not formally represent companies or other entities. To join, send an e-mail to the chair, who will send you instructions on how to become a member and how to join the e-mail reflector.