Transferring data from one point to another and carrying them around have become common practice, if not a habit. The end result is a mobile world that now seems to be a breeding ground for serious data theft, like Identity theft, confidential data breach, reports of stolen laptops, lost USB tokens, financial data breach, and unlawful use of personal credentials. In most of these cases, the loss may be irreparable, and for companies and individuals these may mean losing the public’s trust and loss of competitive information.
As part of Data loss Protection, there is a dire need for a Secure Drive that should provide User authentication, access control, transport security and secure Data storage.
This document will herein refer to this system as SecurDriveand will form the basis for documenting the Hardware / Software system requirements.
SecurDrive is a safe security solution implemented as a combination of hardware and software components.
Free EEPROM of 65Kb available for key storage.
MLC based flash storage space of 4GB
TYPE A USB plug Form factor
Generic USB-HID host interface.
Smartcard Cryptographic Engine supporting RSA up to 2048 bits, DES, AES, HMAC, SHA1 and SHA2 algorithms and file system wi.th partition.
API library supporting secure/non secure file system and device operations.
Flash memory secure storage implemented as hardware based AES 256 bits encryption.
The flash memory appears in the OS as a virtual drive called Private. All data stored on the device is encrypted.
The data on this drive can be locked, so that it can be accessed only by presenting the correct passphrase.
A “Resize” function that enables you to redistribute the memory between the secure storage area called Private and the public storage area, called Public.
Admin & User Logins
Device stores the encryption key (that you use to encrypt data files) safely.
Change user/Admin PINs
Critical Security Parameters
AES Data Storage Key: 256 bit AES key used to protect data in flash
Card Admin Key: 192-bit Triple-DES key used to authenticate card administrator
Storage Admin Key: 192-bit Triple-DES key used to authenticate storage administrator
User PIN: 4-256 char length, for Authenticating the User
Seed and Seed Key: Initializes the RNG
SecurDrive Device will be a MS Windows™ & RHEL 5.1 based solution. As an optional customization we can also provide a comprehensive set of APIs compatible for application development.