Active Standard

IEEE 2883-2022

IEEE Standard for Sanitizing Storage

Methods of sanitizing logical storage and physical storage, as well as providing technology-specific requirements and guidance for the elimination of recorded data, are specified in this standard.

Sponsor Committee
C/CPSC - Cybersecurity and Privacy Standards Committee
Learn More About C/CPSC - Cybersecurity and Privacy Standards Committee
Status
Active Standard
PAR Approval
2020-06-03
Board Approval
2022-06-16
History
Published:
2022-08-17

Working Group Details

Society
IEEE Computer Society
Learn More About IEEE Computer Society
Sponsor Committee
C/CPSC - Cybersecurity and Privacy Standards Committee
Learn More About C/CPSC - Cybersecurity and Privacy Standards Committee
Working Group
SIS-WG - Security in Storage Working Group
IEEE Program Manager
Tom Thompson
Contact Tom Thompson
Working Group Chair
Paul Suhler

Other Activities From This Working Group

Current projects that have been authorized by the IEEE SA Standards Board to develop a standard.


P1619
IEEE Draft Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices

This standard specifies the XEX (XOR Encrypt XOR) Tweakable Block Ciphertext Stealing (XTS) cryptographic mode of operation for the Advanced Encryption Standard modes (AES) block cipher for block-oriented storage devices.

Learn More About P1619

P1667
Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices

This standard defines discovery, authentication, and authorization protocols between hosts and storage devices over multiple transport protocols.

Learn More About P1667

P2883.1
Recommended Practice for Use of Storage Sanitization Methods

This document provides recommendations in using the sanitization methods specified in IEEE 2883™ to appropriately sanitize storage media before reuse, resale, or disposal.

Learn More About P2883.1

P2883.2
Recommended Practice for Virtualized and Cloud Storage Sanitization

This document provides recommendations for implementers of virtualized and cloud storage systems that support file and block storage interfaces to facilitate storage sanitization. Use cases for multi-tenancy, self-encrypting devices, and host encrypted storage are defined and recommendations for risk mitigation are provided.

Learn More About P2883.2

P3406
Standard for a Purge and Destruct Sanitization Framework

This standard provides a framework of requirements for implementing the purge and destruct storage sanitization methods.

Learn More About P3406

Standards approved by the IEEE SA Standards Board that are within the 10-year lifecycle.


1619-2018
IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices

Cryptographic transform for protection of data in sector-level storage devices is specified in this standard.

Learn More About 1619-2018

1619.1-2018
IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices

Cryptographic and data authentication procedures for storage devices that support length expansion, such as tape drives, are specified. Such procedures include the following cryptographic modes of operation for the AES block cipher: CCM, GCM, CBC-HMAC, and XTS-HMAC.

Learn More About 1619.1-2018

1619.2-2021
IEEE Standard for Wide-Block Encryption for Shared Storage Media

EME2-AES and XCB-AES wide-block encryption with associated data (EAD) modes of the NIST AES block cipher, providing usage guidelines and test vectors, are described. A wide block encryption algorithm behaves as a single block cipher with a large plaintext input and ciphertext output, but uses a narrow block cipher [in this case Advanced Encryption Standard (AES)] internally. These encryption modes are oriented toward random access storage devices that do not provide authentication, but need to reduce the granularity of a potential attack.

Learn More About 1619.2-2021

These standards have been replaced with a revised version of the standard, or by a compilation of the original active standard and all its existing amendments, corrigenda, and errata.


1619-2007
IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices

This standard specifies cryptographic transform and key archival methods for protection of data in sector-level storage devices.

Learn More About 1619-2007

1619.1-2007
IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices

This standard specifies cryptographic and data authentication procedures for storage devices that support length-expansion, such as tape drives. Such procedures include the following cryptographic modes of operation for the AES block cipher: CCM, GCM, CBC-HMAC, and XTS-HMAC.

Learn More About 1619.1-2007

These standards have been removed from active status through a ballot where the standard is made inactive as a consensus decision of a balloting group.


1244.2-2000
IEEE Standard for Media Management System (MMS) Session Security, Authentication, Initialization Protocol (SSAIP)

Administratively Withdrawn January 2007 The syntax and semantics of the protocol messages that pass between the MMS clientor MMS module and the MM are described. Since this protocol is only used in the context of theMMS, this standard cannot be understood without a thorough understanding of its architecture asdescribed in IEEE Std 1244.1-2000.

Learn More About 1244.2-2000

These standards are removed from active status through an administrative process for standards that have not undergone a revision process within 10 years.


1619.2-2010
IEEE Standard for Wide-Block Encryption for Shared Storage Media

EME2-AES and XCB-AES wide-block encryption with associated data (EAD) modes of the NIST AES block cipher, providing usage guidelines and test vectors, are described. A wide-block encryption algorithm behaves as a single block cipher with a large plaintext input and ciphertext output, but uses a narrow block cipher [in this case Advanced Encryption Standard (AES)] internally. These encryption modes are oriented toward random access storage devices that do not provide authentication, but need to reduce the granularity of a potential attack.

Learn More About 1619.2-2010

Subscribe to our Newsletter

Sign up for our monthly newsletter to learn about new developments, including resources, insights and more.