Military scouts best ways to protect stored data
Encryption, solid-state drives hold most promise
Information security in the predigital age involved physical barriers, locks and guards. Modern data systems are more secure — yet also more vulnerable — than the acres of file cabinets they replaced.
The Defense Department has spent a lot of time and money on technologies to keep its classified and unclassified content secure. The need to protect that information now and migrate it to new systems in the future influences DOD's acquisition decisions.
The primary agency responsible for managing, storing and securing military data is the Defense Information Systems Agency. One of DISA's major challenges is dealing with massive amounts of information across a range of security classification levels, said Kerry Miller, branch chief of DISA Computing Services’ engineering design group in Denver, Colo.
DISA has turned to a variety of technologies, such as systems with built-in encryption, to deal with that security problem. Miller said several vendors incorporate encryption in their hardware, which then eliminates the need for external encryption/decryption systems. Built-in encryption can protect data on physical media such as hard drives and laptops. If a portable device is stolen or lost, the data remains protected and is difficult to extract, he said.
Built-in encryption also protects data from equipment failure. If an unencrypted disk that contains classified information goes bad, an adversary might still able to retrieve at least some data. Miller cited the example of a disk containing payroll data. A thief might not be able to read the entire disk but could still access a few Social Security numbers.
But by encrypting data on the hardware as it is recorded, the information will be much harder to access if it falls into the wrong hands, Miller said. That is important to DISA because the agency works with classified and unclassified but sensitive data, such as payroll information and medical information, on its networks.
Tagging and migrating data
DISA also is looking at data tagging for storage media. Tagging allows users with certain privileges to access specified data. Miller expects data-tagging technology to become more powerful and efficient, which would greatly enhance security.
Miller said access authentication problems are “probably the bane of our existence today.” He said authentication was not previously viewed as a major problem, but recent threats such as identity theft and terrorism coupled with the prevalence of more open and accessible processing platforms create more concerns. “Today, with a few thousand dollars at home, anybody can potentially tap into your environment and steal your information,” he said.
Older media also remains a problem. Miller said DISA Computing Services regularly migrates data to new storage technologies and works to eliminate data that no longer has any value. But he added that the agency must store important information to satisfy regulatory or mission requirements. “We’ve actively worked with our customers over the years to migrate that data to the newer form factors,” he said.
Miller said that when DISA designs computer systems, redundancy and security are built into them as standard procedure. Storage systems also are segmented among applications to separate data types, and classified systems are detached from unclassified information. DISA also has media destruction contracts with vendors to eliminate old or defective storage media.
DISA also has an aggressive technology refresh program to keep information up to the latest standards. “We try not to be on the bleeding edge because, being on the bleeding edge, you tend to fight through a lot of problems and you’re…debugging systems for the vendor community,” Miller said. The agency waits until a technology is proven in the marketplace. However, he said DISA tries to refresh its technology every three to four years to keep up with the latest technology.
Navy moves to secure its data
Another example of an enterprisewide DOD network with data storage security needs is the Navy Marine Corps Intranet. As the Navy’s primary IT network, NMCI has been at the forefront of developing and implementing security technologies and initiatives, said Capt. Shawn Hendricks, program manager of naval enterprise networks.
In February 2007, NMCI began a series of 16 major information assurance programs to fix known security deficiencies and keep pace with rapidly growing cyber threats. The programs used an approach that applied layered security mechanisms to protect the network. Hendricks said that method extends across the NMCI infrastructure, from the network perimeters to server farms and users' workstations. One of those capabilities is a data-at-rest (DAR) program deployed to all NMCI users to increase the security of their data, files and folders.
The DAR deployment began in February 2008. Hendricks said it consists of an encryption security system provided by Symantec, which acquired the system from GuardianEdge Technologies. The system ensures users comply with DOD and Navy mandates designed to protect data at rest. The capability also reduces the risk of unauthorized access to data. The DAR program includes full-disk encryption of hard drives and removable storage encryption. He said NMCI's DAR system can scan 1 quintillion keys per second for security. “An attacker would require [thousands of] years to successfully defeat the disk encryption key,” he said.
The DAR encryption operates in the layer between a computer’s operating system and physical disk. Supporting disk management utilities can't bypass the DAR system to directly modify a disk or the data will be lost and the hard drive damaged. For example, if an encrypted hard disk is repartitioned using standard utilities, the utility must account for the DAR system or risk overwriting critical DAR file tables and breaking the drive, Hendricks said. He said that this example demonstrates that important improvements remain before the DAR system can be seamlessly integrated with disk management utilities. “In the near term, where automated protections are yet to be developed by the DAR vendor, NMCI employs other processes to ensure compliance,” he said.
The Navy also is evaluating the pricing and development of solid-state drives and self-encrypting drives, said Dennis Hayes, chief technologist for the enterprise services division at Hewlett Packard’s U.S. defense business, which supports NMCI. However, there are some complications with the technology. He said although self-encrypting drives move the encryption process to a drive's firmware, it introduces issues with key management. For example, because the GuardianEdge software has a coupled server and client component that communicate with each other to approve keys, a drive is unreadable if a key gets lost.
“With hardware-based encryption, it’s unclear which key management scheme we could use, whether we could continue with the one we have or would we be looking at a generalized key management scheme that would be managing keys for all sorts of things — not just hard drive keys,” he said.
Hayes said solid-state drives need to become less expensive before the Navy can buy them in bulk. He said those drives manage data differently from rotating drives because they use flash memory to move stored data to the upper file system. However, the Navy is unsure about how robust a software encryption scheme needs to be for such drives given that the firmware in the drive is moving the data, he said.