CE Secure
Encryption Terms Glossary



AES (Advanced Encryption Standard)

The Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector.

Crypto-Erase

A function of OPAL self-encrypting drives that allows the drive to be easily repurposed. Invoking the Crypto-Erase function deletes the encryption key, rendering all the data on the drive unreadable.

FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government computer security standard used to accredit cryptographic modules.

FIPS 140-2

Defines four levels of security, simply named "Level 1" to "Level 4". It does not specify in detail what level of security is required by any particular application.

Level 1

Security Level 1 provides the lowest level of security. Basic security requirements are specified for a cryptographic module (e.g., at least one Approved algorithm or Approved security function shall be used). No specific physical security mechanisms are required in a Security Level 1 cryptographic module beyond the basic requirement for production-grade components. An example of a Security Level 1 cryptographic module is a personal computer (PC) encryption board.

Level 2

Security Level 2 improves upon the physical security mechanisms of a Security Level 1 cryptographic module by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.

Level 3

In addition to the tamper-evident physical security mechanisms required at Security Level 2, Security Level 3 attempts to prevent the intruder from gaining access to CSPs held within the cryptographic module. Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module. The physical security mechanisms may include the use of strong enclosures and tamper detection/response circuitry that zeroizes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened.

Level 4

Security Level 4 provides the highest level of security.

At this security level, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.

Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate zeroization of all plaintext CSPs.

Security Level 4 cryptographic modules are useful for operation in physically unprotected environments. Security Level 4 also protects a cryptographic module against a security compromise due to environmental conditions or fluctuations outside of the module's normal operating ranges for voltage and temperature. Intentional excursions beyond the normal operating ranges may be used by an attacker to thwart a cryptographic module's defenses. A cryptographic module is required to either include special environmental protection features designed to detect fluctuations and zeroize CSPs, or to undergo rigorous environmental failure testing to provide a reasonable assurance that the module will not be affected by fluctuations outside of the normal operating range in a manner that can compromise the security of the module.

FERPA

Family Educational Rights and Privacy Act (FERPA). FERPA gives parents access to their child's education records, an opportunity to seek to have the records amended, and some control over the disclosure of information from the records.

FISMA

Federal Information Security Management Act (FISMA). FISMA assigns specific responsibilities to federal agencies, the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB) in order to strengthen information system security. In particular, FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce information technology security risks to an acceptable level.

Full Disk Encryption (FDE)

The entire disk is encrypted, including data, applications and the operating system. The disk has a small partition containing a boot system that lets the user authenticate before the encrypted partition is unlocked.

HIPAA

Health Insurance Portability and Accountability Act (HIPAA) defines policies, procedures and guidelines for maintaining the privacy and security of individually identifiable health information (PHI).

HITECH

Health Insurance Portability and Accountability Act (HIPAA) defines policies, procedures and guidelines for maintaining the privacy and security of individually identifiable health information (PHI).

Management Ready

An encrypted storage device, either a USB flash drive or a USB external hard drive, that includes the communication client for an enterprise management system.

OPAL 2.0

The current standard for hardware encrypted storage devices created by the Trusted Computing Group.

SED (Self Encrypting Drive)

An SED is an AES 256-bit hardware encrypted storage solution. All encryption is done by the drive as data is written to the storage media. SEDs can be rotating media hard drives or solid state drives.

SOXS

The Sarbanes-Oxley Act (SOXS), also known as SOX, is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms.

TAA

Trade Agreements Act (TAA). GSA Schedule Contracts are subject to the TAA, meaning all products listed on the GSA Schedule Contract must be manufactured or "substantially transformed" in a "designated country". The designated countries are composed of:

  • World Trade Organization Government Procurement Agreement Countries;
  • Free Trade Agreement Countries;
  • Least Developed Countries; and
  • Caribbean Basin Countries

Trusted Computing Group (TCG)

Trusted Computing Group is an international standards group comprised of members that are leaders in the development of hardware and software for the computing industry.
www.trustedcomputinggroup.org









