This document provides recommendations for implementers of virtualized and cloud storage systems that support file and block storage interfaces to facilitate storage sanitization. Use cases for multi-tenancy, self-encrypting devices, and host encrypted storage are defined and recommendations for risk mitigation are provided.
- Standard Committee
- C/CPSC - Cybersecurity and Privacy Standards Committee
- Status
- Active PAR
- PAR Approval
- 2023-02-15
Working Group Details
- Society
- IEEE Computer Society
- Standard Committee
- C/CPSC - Cybersecurity and Privacy Standards Committee
- Working Group
-
SIS-WG - Security in Storage Working Group
Learn More About SIS-WG - Security in Storage Working Group - IEEE Program Manager
- Tom Thompson
Contact Tom Thompson - Working Group Chair
- Paul Suhler
Other Activities From This Working Group
Current projects that have been authorized by the IEEE SA Standards Board to develop a standard.
P2883.1
Recommended Practice for Use of Storage Sanitization Methods
This document provides recommendations in using the sanitization methods specified in IEEE 2883™ to appropriately sanitize storage media before reuse, resale, or disposal.
Standards approved by the IEEE SA Standards Board that are within the 10-year lifecycle.
1619-2018
IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices
Cryptographic transform for protection of data in sector-level storage devices is specified in this standard.
1619.1-2018
IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices
Cryptographic and data authentication procedures for storage devices that support length expansion, such as tape drives, are specified. Such procedures include the following cryptographic modes of operation for the AES block cipher: CCM, GCM, CBC-HMAC, and XTS-HMAC.
1619.2-2021
IEEE Standard for Wide-Block Encryption for Shared Storage Media
EME2-AES and XCB-AES wide-block encryption with associated data (EAD) modes of the NIST AES block cipher, providing usage guidelines and test vectors, are described. A wide block encryption algorithm behaves as a single block cipher with a large plaintext input and ciphertext output, but uses a narrow block cipher [in this case Advanced Encryption Standard (AES)] internally. These encryption modes are oriented toward random access storage devices that do not provide authentication, but need to reduce the granularity of a potential attack.
2883-2022
IEEE Standard for Sanitizing Storage
Methods of sanitizing logical storage and physical storage, as well as providing technology-specific requirements and guidance for the elimination of recorded data, are specified in this standard.
These standards have been replaced with a revised version of the standard, or by a compilation of the original active standard and all its existing amendments, corrigenda, and errata.
1619-2007
IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices
This standard specifies cryptographic transform and key archival methods for protection of data in sector-level storage devices.
1619.1-2007
IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices
This standard specifies cryptographic and data authentication procedures for storage devices that support length-expansion, such as tape drives. Such procedures include the following cryptographic modes of operation for the AES block cipher: CCM, GCM, CBC-HMAC, and XTS-HMAC.
These standards have been removed from active status through a ballot where the standard is made inactive as a consensus decision of a balloting group.
1244.2-2000
IEEE Standard for Media Management System (MMS) Session Security, Authentication, Initialization Protocol (SSAIP)
Administratively Withdrawn January 2007 The syntax and semantics of the protocol messages that pass between the MMS clientor MMS module and the MM are described. Since this protocol is only used in the context of theMMS, this standard cannot be understood without a thorough understanding of its architecture asdescribed in IEEE Std 1244.1-2000.
These standards are removed from active status through an administrative process for standards that have not undergone a revision process within 10 years.
1619.2-2010
IEEE Standard for Wide-Block Encryption for Shared Storage Media
EME2-AES and XCB-AES wide-block encryption with associated data (EAD) modes of the NIST AES block cipher, providing usage guidelines and test vectors, are described. A wide-block encryption algorithm behaves as a single block cipher with a large plaintext input and ciphertext output, but uses a narrow block cipher [in this case Advanced Encryption Standard (AES)] internally. These encryption modes are oriented toward random access storage devices that do not provide authentication, but need to reduce the granularity of a potential attack.