8.0ABOUT SELF-ENCRYPTING DRIVES
The Trusted Computing Group (TCG) is an organization sponsored and operated by companies in the computer, storage and digital communications industry. Seagate’s SED models comply with the standards published by the TCG.
To use the security features in the drive, the host must be capable of constructing and issuing the following two SCSI commands:
•SECURITY PROTOCOL OUT
•SECURITY PROTOCOL IN
These commands are used to convey the TCG protocol to and from the drive in the appropriate command payloads.
8.1DATA ENCRYPTION
Encrypting drives use one
The
8.2CONTROLLED ACCESS
The drive has two security providers (SPs) called the "Admin SP" and the "Locking SP." These act as gatekeepers to the drive security services.
8.2.1Admin SP
The Admin SP allows the drive's owner to enable or disable firmware download operations (see Section 8.4). Access to the Admin SP is available using the SID (Secure ID) password or the MSID (Manufacturers Secure ID) password.
8.2.2Locking SP
The Locking SP controls read/write access to the media and the cryptographic erase feature. Access to the Locking SP is available using the BandMasterX or EraseMaster passwords. Since the drive owner can define up to 16 data bands on the drive, each data band has its own password called BandMasterX where X is the number of the data band (0 through 15).
8.2.3Default password
When the drive is shipped from the factory, all passwords are set to the value of MSID. This
8.3RANDOM NUMBER GENERATOR (RNG)
The drive has a
8.4DRIVE LOCKING
In addition to changing the passwords, as described in Section 8.2.3, the owner should also set the data access controls for the individual bands.
The variable "LockOnReset" should be set to "PowerCycle" to ensure that the data bands will be locked if power is lost. In addition "ReadLockEnabled" and "WriteLockEnabled" must be set to true in the locking table in order for the bands "LockOnReset" setting of "PowerCycle" to actually lock access to the band when a "PowerCycle" event occurs. This scenario occurs if the drive is removed from its cabinet. The drive will not honor any data READ or WRITE requests until the bands have been unlocked. This prevents the user data from being accessed without the appropriate credentials when the drive has been removed from its cabinet and installed in another system.
When the drive is shipped from the factory, the firmware download port is unlocked allowing the drive to accept any attempt to download new firmware. The drive owner must use the SID credential to lock the firmware download port before firmware updates will be rejected.
PULSAR.2 SAS PRODUCT MANUAL, REV. C | 35 |