|
|
|
On-Demand Webinar |
|
 |
|
|
|
|
| Trusted Storage - Why You Need Security in Storage and How to Make Storage Secure |
|
Overview:
Today's news is filled with stories of lost hard drives and stolen notebook PCs containing private personal data, critical corporate information, and even national security secrets. How can such loss and theft be prevented by the system itself? Storage systems, such as disk drives, as well as tape, optical, and flash devices, are often critical components of a security, privacy, and trust configuration of a computing platform. In fact, data spends most of its productive life in storage. So, the logical next step is to embed security directly into storage devices, such as device-embedded encryption for protection against loss or theft.
This Webinar provides a framework with which to understand why and how storage should be secured and transformed into inherently trusted devices. The TCG Storage Specification provides the technical details for developing a trusted storage device, as well as how computing platform-based applications can exploit those trust and security functions. Secure and trusted storage contributes a critical element to an overall trusted platform.
Attendees will learn:
- What is the problem of trust with mobile computing?
- Software vs hardware encryption
- Use cases that highlight the technical requirements being solved by the formal specifications
- TCG's specification for secure and trusted storage including relationships and cooperation with other industry storage standards (eg, SCSI and ATA, SNIA)
- Adoption in the enterprise and next steps
Who should attend:
- Developers of hard drives and other storage subsystems
- Notebook and desktop system designers
- Application developers who want to exploit storage-based security
Presenters:
David Hill
David Hill is the principal at Mesabi Group. Prior to founding Mesabi Group, Hill was the Vice President of Storage Research and founder of the Storage & Storage Management practice at the Aberdeen Group.
Before Aberdeen, Hill spent many years at Data General where, among other activities, he directed Data General's internal IT data centers as well as managed the introduction of new analytical tools and business systems. While at EMC, he carried out strategic marketing, competitive analysis, sales force planning, and market forecasting. David has an advanced degree from the Sloan School at the Massachusetts Institute of Technology.
Dr. Michael Willett
Dr. Michael Willett received his bachelor's degree from the United States Air Force Academy and masters and doctoral degrees in mathematics from North Carolina State University.
After a career as a university professor of mathematics and computer science, Willett joined IBM as a design architect, later moving into IBM's Cryptography Competency Center. After retiring from IBM, Dr Willett joined Fiderus, a security and privacy
consulting practice (later bought by EDS); subsequently, he accepted a position with Wave Systems, helping to design programmable cryptographic chips and trust assurance networks. Currently, Michael is on the research staff of Seagate Technology, exploring future projects in security and privacy as well as serving on several external standards bodies, including the Trusted Computing Group (TCG). Within TCG, he is co-chairman of the Storage Work Group.
Willett is also chair of the Privacy Framework Project of the International Security, Trust, and Privacy Alliance, developing an operational framework for converting the fair information practices into privacy services and mechanisms.
|
|
|
|
| The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications will enable more secure computing environments without compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets (data, passwords, keys, etc.) from compromise due to external software attack and physical theft. The group's storage work group is developing standards and practices for defining the same security services across dedicated storage controller interfaces, including but not limited to ATA, Serial ATA, SCSI, FibreChannel, USB Storage, IEEE 1394, Network Attached Storage (TCP/IP), and iSCSI. |
|
|
|
|
|
|
