Opal Storage Specification

Data storage device security specification From Wikipedia, the free encyclopedia

Remove ads

The Opal Storage Specification is a set of specifications for features of data storage devices (such as hard disk drives and solid state drives) that enhance their security. For example, it defines a way of encrypting the stored data so that an unauthorized person who gains possession of the device cannot see the data. That is, it is a specification for self-encrypting drives (SED).

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)

This article relies excessively on references to primary sources. (May 2017)

This article is missing information about Opalite and Pyrite, two subsets defined by the TCG (& the even simpler TCG Enterprise). (June 2023)

The specification is published by the Trusted Computing Group Storage Workgroup.

Remove ads

Overview

This section does not cite any sources. (May 2017)

The Opal SSC (Security Subsystem Class) is an implementation profile for Storage Devices built to:

Protect the confidentiality of stored user data against unauthorized access once it leaves the owner's control (involving a power cycle and subsequent deauthentication).
Enable interoperability between multiple SD vendors.^[1]

Functions

This section does not cite any sources. (May 2017)

The Opal SSC encompasses these functions:

Security provider support
Interface communication protocol
Cryptographic features
Authentication
Table management
Access control and personalization
Issuance
SSC discovery

Features

This section does not cite any sources. (May 2017)

Security Protocol 1 support
Security Protocol 2 support
Communications
Protocol stack reset commands

Security

Radboud University researchers indicated in November 2018 that some hardware-encrypted SSDs, including some Opal implementations, had security vulnerabilities.^[2]

Implementers of SSC

Device companies

Hitachi
Intel Corporation^[3]
Kingston Technology^[4]
Lenovo^[5]
Micron Technology^[6]
Samsung^[7]
SanDisk^[8]
Seagate Technology^[9]^[10] as "Seagate Secure"
Toshiba^[11]^[12]^[13]

Storage controller companies

Software companies

Absolute Software^[17]
Check Point Software Technologies^[18]
Dell Data Protection^[19]
Cryptomill^[20]
McAfee^[21]
Secude ^[22]
Softex Incorporated^[23]
Sophos^[24]
Symantec^[25] (Symantec supports OPAL drives, but does not support hardware-based encryption.)^[26]
Trend Micro^[27]
WinMagic^[28]
OpalLock^[29](OpalLock support Self-Encrypt-Drive capable SSD and HDD. Develop by Fidelity Height LLC)

Computer OEMs

Remove ads

References

Loading content...

External links

Loading content...

Loading related searches...

Wikiwand - on

Seamless Wikipedia browsing. On steroids.

Remove ads