Storage Security  
 

This Storage Security course provides the student with an introduction to the bevy of storage security features that have been added as extensions to the Small Computer System Interface (SCSI-3) and ATA (SATA) architectures. This course provides an overview of the storage security architecture and data transport technologies that can enhance the security of all storage applications. The student will learn about why security matters, the risks and vulnerabilities within a storage network, what to protect, and how to protect it. This course provides a high level overview of all security concepts including security taxonomy, algorithms, signatures & certificates, key management, encryption and the commands used to secure storage devices.

Course Outline

Security Motivations & Players
Why Security Matters
Security Lifecycle
Risks & Vulnerabilities
What to Protect & Why
An Evolutionary View of Storage Security
Security is not a Spectator Sport
Security Taxonomy
Integrity
Confidentiality
Authentication
Security Algorithms
Integrity:
MAC, HMAC, SHA
Confidentiality:
Symmetric/Asymmetric Key Encryption
AES (Symmetric) / RSA (Asymmetric)
Diffie-Hellman Key "Key Exchange"
Asymmetric Key Protocols
(Authentication)

Digital Signatures & Certificates
Public Key Infrastructures
Security Associations
(Basic Symmetric Key Tool)

Purpose
Creation/ "Contents"
Usage
 

iSCSI (TCP/IP) Transport Security
IKEv2
ESP
Fibre Channel Transport Security
Authentication
Frame Encapsulation
SCSI (& ATA) Security Commands
Basic Commands:
SECURITY PROTOCOL IN
(TRUSTED RECEIVE)
SECURITY PROTOCOL OUT
(TRUSTED SEND)
Security Protocols Concept
Shared Command Security Protocols
IEEE 1667:
USB Solid State Disks
Trusted Computing Group - Storage:
Self Encrypting Drives
SCSI Command Security Protocols
IKEv2-SCSI
SA Creation
Authentication
SA Usage in Parameter Data
SA Usage in CDBs
Tape Encryption Key Management
Capability-based Command Security

Who Should Attend
This course is intended for students that need an understanding of SCSI and ATA Security features prior to embarking on advanced program development, but it may also be useful to managers who wish to obtain a stronger technical map to the SCSI/Storage Security maze.
 
Prerequisites: An understanding of the SCSI-3 Architecture and Commands as well as data storage concepts, current computer interfaces and networks is useful, but not absolutely necessary.
 
Course Length: 1 Day