IBM System Storage - Oxford University TSM Symposia
tsm-symposium.oucs.ox.ac.uk/2007/papers/Christina...

TSM Symposium September 2007

TSM encryption options: Using IBM tape hardware encryption

Christina Coutts
FTSS Removable Media
[email protected]

IBM System Storage
© 2007 IBM Corporation

Security of Data: a Business Imperative

Many government agencies are requiring disclosure of security breaches
– 32 states in USA have similar security breach legislation (Source: www.Privacyrights.org)

Industry organizations are also increasing scrutiny of security procedures
– Source: Payment Card Industry Security Audit Procedures Version 1

Over 150 million consumers have been notified of potential security breaches regarding personal information since 2005
– Source: www.Privacyrights.org

Information is the most valuable property of a company
– Computer crime grows steadily

Other Regulatory Drivers for Encryption

EU – Directive on Data Protection of 1995
– Implemented by national legislation
– Generally does not require encryption
– Generally imposes fines for failure to adequately protect subject information

Payment Card Industry (PCI) Data Security Standard
– Applies to all member merchants of Visa, Mastercard, and other credit card companies that store cardholder data. Applies to commerce conducted via retail, phone, mail, and e-commerce channels
– PCI recommends encryption as “the ultimate mechanism” to protect stored data.
– VISA merchants that fail to comply potentially face hundreds of thousands of dollars in penalties, in addition to the costs of notification, credit monitoring and new account creation.

Basel II
– Applies to large global & money center banks
– Requires establishment of separate Capital Accounts restricted from traditional uses like lending, trading, etc. to offset Operational Risk
– Initiatives (like Data Security) that reduce Operational Risk free up this capital for productive use.

Agenda

Storage security
TSM and data security
Encryption overview
TSM and encryption
– Client software-based
– Hardware-based
Encryption implementation in the tape drive
– Encryption methods
– LME components
Encryption Key Manager and other SW components
Key serving: LTO and TS1120
More information?

Storage Security

Parameters and settings:
– Ensure resources are available to authorised users and trusted networks
– Ensure resources are unavailable to everyone else

Parameters and settings controlled in:
– Organisation’s policies
– Communications protocols
– Programming
– Hardware

Securing Data at Rest

1. Establish a Perimeter:
Secure Mobile Data
• Enforce password protection / encryption of confidential data on all laptops
• Monitoring agents
• Implement encryption on all data stored on tape

2. Strengthen Fortifications
Limit Access based on Roles
• Implement table / database level encryption leveraging hardware Crypto Providers
• Share keystores & key management environment

3. Implement DASD Encryption (when available)
Complete Protection Initiative
• Secure remaining data files
• Secure HDDs for loss of control / process escapes during MA & de-acquisition

TSM and Data Security

Authentication, Authorization, Access control
Are you who you say you are?
– Passwords
– Admin Centre and Web Admin server
– Firewall support based on TCP/IP port specification
Do you have permission to do, or access, this?
– Control lists or role-based access.

Protection of data – in flight, and at rest
– Encryption
– Cyclic Redundancy Checks
– Data Retention Protection
– Data shredding (secure data erase)


What is Encryption?

Transformation of readable, understandable data to a form that is not (cipher text)
Transformation is based on a mathematical formula
There are formulas for the transformation of different types of data
– Keys
– Text
– Personal Identification Numbers
Some advanced functions associated with cryptography are combinations of basic cryptographic functions applied in a specific manner against specific data
A number of cryptographic functions are used: DES, AES128, AES256

[Figure: clear text “HELLO!” and cipher text “LIOBOHMMGMLJ”]
[Example shown uses STEW (Symmetric Transient Encryption Wave)]

Helps protect data from unauthorised access

[Figure: Encryption Process: clear or plain text and a key go into the encryption algorithm (e.g. AES), giving cipher text (encrypted data). Decryption Process: cipher text and a key go into the encryption algorithm, giving clear or plain text.]

Data that is not encrypted is referred to as “clear text”
“Clear text” is encrypted by processing with a “key” and an “encryption algorithm”
– Several standard algorithms exist, including DES*, TDES and AES
Keys are bit streams that vary in length
– For example AES supports 128, 192 and 256 bit key lengths

*DES, invented by IBM in 1974

Symmetric Encryption

Same key used to encrypt and decrypt
Symmetric Keys must be stored and secured against unauthorized access

Asymmetric Encryption

A key pair is used to encrypt and decrypt
– The key used to encrypt is often referred to as the Public key
– The key used to decrypt is referred to as the Private key
The Public key may be made widely available without fear of compromise
The Private Key must be secured against unauthorized access
Public / Private encryption is widely used for exchange of data between organizations (eMail)


TSM and encryption

TSM Client encryption
– Encryption in software
– Performed by client host
– Keys managed by TSM client or server

PLUS new methods using tape drive hardware:

Application Managed Encryption
– Keys managed by TSM server

Library Managed Encryption
– Encryption is transparent to TSM
– Keys managed externally
– Library hardware provides proxy

System managed encryption
– Encryption is transparent to TSM
– Keys managed externally
– Device driver on server provides proxy

Enabling TSM Client encryption

Set encryption options (dsm.opt, dsm.sys, or Client Server Options)
– Select data to encrypt
  • “include.encrypt”
  • “exclude.encrypt”
– Select encryption method
  • “encryptiontype=aes128” for AES128
  • AES128 or DES56

Encryption key is derived from an Encryption Key Password
– “You” supply and save key
  • “encryptkey=save”
  • “encryptkey=prompt”
– Key randomly generated and TSM server saves key with meta data
  • “enableclientencryptkey=yes”

[Figure: TSM Clients, TSM Server, TSM DB]

TSM client versus hardware encryption

Client Encryption
– Protects data while being written (“over the wire”)
– Remains encrypted while at rest on-line
– Remains encrypted while at rest on removable media
– Hardware vendor agnostic
– Increased CPU utilization during backup – so performance may suffer
– No compression on tape – so backup sizes may double
– Uses AES128 or DES56 key format
– Requires software key and management on restore

Hardware encryption
– No performance overhead at the host server
– Encryption is transparent to write performance
– Encryption applied after compression so data will be compressed as normal
– Uses AES256 key format
– Data is not encrypted during write transfer
– Requires hardware encryption capability and key management on restore
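Why the order of compression and encryption decides tape capacity in the comparison above, shown as an added example (not code from the presentation, TSM or the tape drive). `java.util.zip.Deflater` stands in for the drive's compression engine and AES-128 in CTR mode for the encryption step; both are assumptions made so the example runs on a plain JDK, and the sample data is constructed.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.zip.Deflater;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/** Added illustration; not TSM or tape drive code. */
public class CompressionOrderDemo {
    private static final SecureRandom RND = new SecureRandom();

    // Stand-in for the drive's compression engine (assumption: DEFLATE,
    // chosen only because it ships with the JDK).
    static byte[] compress(byte[] in) {
        Deflater d = new Deflater(Deflater.BEST_COMPRESSION);
        d.setInput(in);
        d.finish();
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[8192];
        while (!d.finished()) {
            int n = d.deflate(buf);
            out.write(buf, 0, n);
        }
        d.end();
        return out.toByteArray();
    }

    // Stand-in for the encryption step (assumption: AES-128 in CTR mode).
    // A fresh random IV is generated per call and prepended to the output.
    static byte[] encrypt(byte[] in, byte[] key) throws GeneralSecurityException {
        byte[] iv = new byte[16];
        RND.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/CTR/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        byte[] ct = c.doFinal(in);
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    // Constructed sample: about 1 MiB of repetitive, log-like text, the kind
    // of data that normally compresses well on tape.
    static byte[] sampleBackupData() {
        StringBuilder sb = new StringBuilder();
        int i = 0;
        while (sb.length() < (1 << 20)) {
            sb.append("2007-09-25 10:00:").append(i % 60)
              .append(" user").append(i % 40)
              .append(" opened /home/projects/report.doc\n");
            i++;
        }
        return sb.toString().getBytes(StandardCharsets.US_ASCII);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = new byte[16];
        RND.nextBytes(key);
        byte[] data = sampleBackupData();

        // Client (software) encryption: the compressor only ever sees ciphertext,
        // which has no redundancy left to remove.
        byte[] clientPath = compress(encrypt(data, key));
        // Hardware encryption: compression runs first, encryption "below" it.
        byte[] drivePath = encrypt(compress(data), key);

        System.out.printf("clear data:             %,d bytes%n", data.length);
        System.out.printf("encrypt then compress:  %,d bytes on tape%n", clientPath.length);
        System.out.printf("compress then encrypt:  %,d bytes on tape%n", drivePath.length);
        System.out.printf("capacity ratio:         %.1fx%n",
                (double) clientPath.length / drivePath.length);
    }
}
```

The encrypt-then-compress result comes out slightly larger than the clear data, while compress-then-encrypt keeps the full compression gain; the exact ratio depends on the data.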


IBM Encryption Capable Tape Drives

Shipped on all new TS1120 drives shipped 9.8.2006 or later
– Feature Code # 9592 – Encryption Capable, Plant installed
– No charge (NC) feature
– Identified by label on drive canister

Can be added to existing TS1120 3592E05s by MES Upgrade
– Feature Code # 5592 – Encryption Capable – Field
– CE Installed – new hardware and drive microcode

Shipped on all LTO Generation 4 drives
– All LTO4 have encryption hardware
– No additional charge on drive

So what does having encryption hardware mean?

Encryption in the Tape Drive

Built-in AES 256-bit data encryption engine in every drive
Located “below” compression engine
– Virtually no performance or capacity impact (<1%)
– data can be compressed and be encrypted simultaneously
Look-aside decryption & decompression help assure data integrity
Preserves performance and compression characteristics

[Figure: drive data path. FC Port 0, Host Interface DMA, Processor, Drive Firmware, Code Memory, Application Specific Integrated Circuit (Compression / Decompression, AES Encryption / AES Decryption), Buffer, ECC and Format Encoding, Read/Write Electronics, Read/Write Head, Tape Media, Drive Certificate with Drive’s RSA Key. Data is shown as clear text above the encryption engine and as cipher text below it.]

But anyone can put a card in a drive…

IBM Encryption Implementation and Management

[Figure: Encryption Key Manager alongside the three places where encryption policy can be set]
Application-Managed (Currently TSM) – Policy
System-Managed (z/OS, AIX & Solaris) – Policy
Library-Managed (TS3500, TS3400, TS3100, TS3200, TS3310) – Policy

TSM Application Managed Encryption (AME)

Application provides Policy Engine to determine if data is encrypted
– Policy set in tape device class: DRIVEENCRYPTION=ON|ALLOW|OFF
– Data access through standard TSM access controls

TSM generates, encrypts and stores the key in the DB with other meta data
– Provides interface to key services
– Associates correct key with file
– Keys flow to the drive in the clear

Not applicable to TSM DB backups, backup set, Export tapes, or zOS TSM server

[Figure: TSM Server, TSM DB, volume VOL123]

TSM Library Managed Encryption (LME)

Policy Mechanisms provided by Library Microcode
– Library policies for Library Managed
– DATACLAS in zOS (uses System Managed)

Encryption Keys provided by external Encryption Key Manager
– Communication via IP Proxy connection from IBM Tape Library (LME)
– Key flows authenticated and secured via SSL-like interaction

EKM environment applicable to TSM or NetBackup Media Server – or other applications

Encryption is “transparent” to TSM (and applications above the library layer).

[Figure: Keystore, EKM DB, keylabel, cartridges LTO001 and JAG001]

AME fits a narrow set of requirements.

[Figure: decision flow; each statement below has a yes / no branch]
You use only TSM for backup and to create Tape
You have no known requirements for non-TSM environments
You have lower security requirements for B2B Data interchange via Tape
You require support for cartridge interchange across different Tape Drive vendors
Outcomes: Consider Application Managed Encryption, or Implement Transparent Encryption (LME/SME)

IBM Tape Encryption Methods

Encryption Method: Application
– Policy (Encrypt?): TSM Devclass
– Policy (Key Label?): NA
– Data Key Generation: TSM

Encryption Method: System (Open)
– Policy (Encrypt?): Atape/IBMtape Device Driver
– Policy (Key Label?): Encryption Key Manager (EKM)
– Data Key Generation: Encryption Key Manager (EKM)

Encryption Method: System (z/OS)
– Policy (Encrypt?): DFSMS Data Class or JCL DD
– Policy (Key Label?): DFSMS Data Class, JCL DD or EKM
– Data Key Generation: Encryption Key Manager (EKM)

Encryption Method: Library (or Transparent)
– Policy (Encrypt?): TS3500 (3584), TS3400 (3577) Web Interface (log. Lib or Volser range)
– Policy (Key Label?): TS3500 (3584), TS3400 (3577) Web Interface or Encryption Key Manager (EKM)
– Data Key Generation: EKM

Library Managed Encryption – components summary

TSM server
– Supports AME or SME

TS1120 or LTO4
– Provides encryption card hardware

Keystore
– HW or SW based
– Stores keys

Crypto Services
– HW or SW based
– Generates keys

IBM Tape Library
– Supports LME

Encryption Key Manager (EKM)
– Free IBM program
– Run in IBM JRE
– Runs on server of your choice
– Manages key distribution
– EKM management for LME or SME


Encryption Key Manager Overview

Encryption Key Manager (EKM)
• Runs in IBM Java Runtime Environment (JRE)
• Supplied free from IBM
• Does not perform any crypto operations itself

Config File
• Config File tells EKM how to run
– Where Keystore is located
– Where Drive Table is located
– Default key labels

Drive Table
• Drive Table contains list of valid drives

Keystore
• Hardware or Software based
• Stores certificates and keys

Crypto Services Provider
• Hardware or Software based
• Generates Data Keys (DK)
• Wraps/Unwraps/Rewraps DKs

The Transparent Encryption solution: assembled from a combination of existing and new components.

[Figure: the components below, each marked as an Existing Component or a New Component]
Key Administration Component
Authorization Component
Library Encryption Policy Component
Key Distribution Component
Crypto Provider Component
Embedded Crypto Provider Component
Key Store Component

EKM Environment components run together in a single server image and may support Centralized Key Management.

May reside on a different server or different platform than the server connected to the Tape Drive.
Does not have to be implemented in a dedicated system or LPAR.
May reside in a different location than the tape drive.
Implemented on standard server platforms.

[Figure: EKM Environment: Encryption Key Administration, Authorization Component, Crypto Provider, IBM EKM Key Distribution Component, Key Store Component, Config File, Drive Table, Key Store file]

Encryption Keystore

Maintained on server or in hardware crypto device
Contains key label, public keys and private keys
Populated by self generated or imported certificates

Example:

Key Label        Public Key    Private Key
Acme             12345…        abcde…
Offsite BP RR    98765…        Not Available

Supported KeyStores

Distributed
– JCEKS (file based)
– PKCS11IMPLKS (PKCS11 hardware crypto)

I5
– JCEKS (file based)
– IBMi5OSKeyStore (I5 platform capabilities)

z/OS
– JCEKS (file based)
– JCE4758KS/JCECCAKS (ICSF Secure hardware)
– JCE4758RACFKS/JCECCARACFKS (RACF with secure hardware)
– JCERACFKS (RACF/SAF)


IBM uses both methods for secure key exchange

Symmetric Key
– The same key is used to encrypt and decrypt the data.
– Implementation requires exceptional focus on securing access to the key.
– Usually deployed within an enterprise or within a layered architecture using asymmetric protection for key exchange.
– Preferred for high data volumes because they are more efficient.
– IBM Solution uses Symmetric AES256 Keys for Data Keys

Key Pair (Public Key / Private Key)
– Pairs of different, mathematically related keys are used to encrypt & decrypt data.
– The “Public” key may be made widely available
– The “Private” key must be secured
– Widely used as the outer layer of an encryption architecture to protect keys.
– IBM Solution uses Asymmetric RSA2048 Keys for Key-Encrypting Keys (KEKs)

*RSA: name of the three mathematicians Rivest, Shamir and Adleman

Putting it all together…

Encryption Key Generation and Communication: How is it such a secure system?

1. Load cartridge specifying encryption
2. Drive requests data key sending its own private key certificate
3. Key manager generates data key and encrypts with 2 different “public” keys: first with the drive’s key and second with the data’s policy key
4. Key manager transmits both encrypted data keys to tape drive
5. Drive decrypts one key, writes encrypted data, discards key.
6. Drive writes second encrypted key to the cartridge

[Figure: Encryption Key Manager (EKM) with Config File and Drive Table; tape drive; cartridge JAG001]

TS1120 Encryption Process - summary

[Figure: Clear Text is encrypted with the DK (Symmetric) to give Cipher Text, DK(Data), on the Encrypted Tape. The DK is encrypted with the KEK (Asymmetric) to give KEK(DK), the EEDK, which is also written to the tape; this path is shown twice.]

DK – Data Key (Symmetric)
KEK – Key Encrypting Key (Asymmetric)
EEDK – Externally Encrypted Data Key
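The six key-serving steps and the DK / KEK / EEDK summary above, carried through with the JDK's own crypto classes as an added example (not IBM EKM or drive firmware code). The slides give the key types (AES256 data key, RSA2048 key-encrypting keys); the OAEP padding, the AES-GCM mode, the reuse of the key label "Acme" from the keystore slide, and the read path (the key manager unwraps the cartridge EEDK and rewraps it for the reading drive, inferred from "Wraps/Unwraps/Rewraps DKs") are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/** Added illustration of the DK / KEK / EEDK flow; not IBM EKM or drive code. */
public class TapeKeyFlowDemo {
    // Assumptions: the slides name AES256 and RSA2048 but no padding or mode.
    static final String KEK_WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String DATA_CIPHER = "AES/GCM/NoPadding";

    static KeyPair newKek() throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        return g.generateKeyPair();
    }

    // Wrap a data key under one public KEK; the result is an EEDK.
    static byte[] wrap(SecretKey dk, PublicKey kek) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(KEK_WRAP);
        c.init(Cipher.WRAP_MODE, kek);
        return c.wrap(dk);
    }

    // Recover the data key from an EEDK with the matching private KEK.
    static SecretKey unwrap(byte[] eedk, PrivateKey kek) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(KEK_WRAP);
        c.init(Cipher.UNWRAP_MODE, kek);
        return (SecretKey) c.unwrap(eedk, "AES", Cipher.SECRET_KEY);
    }

    static byte[] aes(int mode, SecretKey dk, byte[] iv, byte[] in)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(DATA_CIPHER);
        c.init(mode, dk, new GCMParameterSpec(128, iv));
        return c.doFinal(in);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed stand-ins: the writing drive's RSA key pair (step 2 sends
        // its certificate) and the keystore entry under the policy label "Acme".
        KeyPair driveA = newKek();
        KeyPair policyAcme = newKek();

        // Step 3: the key manager generates the DK and wraps it twice.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey dk = kg.generateKey();
        byte[] eedkForDrive = wrap(dk, driveA.getPublic());
        byte[] eedkForCartridge = wrap(dk, policyAcme.getPublic());
        // Step 4: only the two EEDKs travel to the drive, never the bare DK.

        // Step 5: the drive unwraps its copy, encrypts the data, drops the DK.
        SecretKey driveDk = unwrap(eedkForDrive, driveA.getPrivate());
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        byte[] record = "constructed backup record".getBytes(StandardCharsets.UTF_8);
        byte[] onTape = aes(Cipher.ENCRYPT_MODE, driveDk, iv, record);
        driveDk = null;
        // Step 6: the cartridge now carries onTape, iv and eedkForCartridge.

        // Assumed read path on a different drive: the key manager unwraps the
        // cartridge EEDK with the policy private key and rewraps it for drive B.
        KeyPair driveB = newKek();
        SecretKey recovered = unwrap(eedkForCartridge, policyAcme.getPrivate());
        byte[] eedkForDriveB = wrap(recovered, driveB.getPublic());
        SecretKey driveBDk = unwrap(eedkForDriveB, driveB.getPrivate());
        byte[] plain = aes(Cipher.DECRYPT_MODE, driveBDk, iv, onTape);
        System.out.println("restored on drive B: " + Arrays.equals(plain, record));

        // A cartridge plus a drive is not enough: without the keystore's private
        // key for the policy label, the EEDK on the cartridge cannot be opened.
        try {
            unwrap(eedkForCartridge, driveA.getPrivate());
            System.out.println("unexpected: drive key opened the cartridge EEDK");
        } catch (GeneralSecurityException e) {
            System.out.println("drive key alone cannot open the cartridge EEDK");
        }
    }
}
```

Losing the private key stored under the policy label makes every cartridge written under that label unreadable, which is why the keystore backup matters as much as the tapes.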

TS1040 (LTO) Encryption Process

[Figure: Clear Text is encrypted in the TS1040 with the DK (Symmetric) to give Cipher Text, DK(Data), on the Encrypted Tape]

DK – Data Key (Symmetric)
• Encryption Process Defined by T10 Standard

Advice on working with keys/certificates

Don't lose your (public/private) keys and certificates
Don't leave your (public/private) keys and certificates lying around
Make sure you backup your (public/private) keys and certificates


TSM Resources

TSM manuals on the internet - Tivoli Information Centre
– http://publib.boulder.ibm.com/infocenter/tivihelp/v1r1/index.jsp?toc=/toc /com.ibm.itstorage.doc/toc.xml

TSM support website
– http://www..ibm.com/software/sysmgmt/products/support/IBMTivoliStorageManager.html

Other IBM Resources

Java Encryption Key Manager Support Page
– http://www-1.ibm.com/support/docview.wss?&uid=ssg1S4000504

White Papers
– TS1120 Performance with Encryption
– TS1120 Encrypting Data
– TS3500 Library Managed Encryption

Redbook
– IBM System Storage TS1120 Tape Encryption: Planning, Implementation, and Usage Guide (SG24-7320)

TSM Encryption Overview Presentation
– http://w3-103.ibm.com/software/xl/portal/viewcontent?type=doc&srcID=XW&docID=H800739N06088R56

IBM Tape Encryption Documentation

Library
– 3584 Intro and Planning Guide - GA32-0469
– 3584 Operator’s Guide - GA32-0468
– EKM Intro, Planning, and Users Guide - GA76-0418

System
– 3584 Intro and Planning Guide - GA32-0469
– 3584 Operator’s Guide - GA32-0468
– EKM Intro, Planning, and Users Guide - GA76-0418
– IBM Tape Device Driver Install and Users Guide - GC35-0154
– DFSMS Software Support for IBM TotalStorage Enterprise Tape Drive TS1120 (3592) - SC26-7514

Application
– 3584 Intro and Planning Guide - GA32-0469
– 3584 Operator’s Guide - GA32-0468
– TSM 5.4 Admin Guide - GC32-0768
  • TSM 5.3.4 Readme interim

Other Resources

Cryptography Decrypted – Mel and Baker, 2001
Privacy Rights Clearinghouse – www.privacyrights.org
Consumer Union - http://www.consumersunion.org/campaigns/Breach_laws_May05.pdf
California Department of Consumer Affairs – “Recommended Practices on Notification of Security Breach Involving Personal Information” http://www.privacy.ca.gov/recommendations/secbreach.pdf
National Institute of Standards and Technology http://csrc.nist.gov/publications/nistpubs

Thank you

Trademarks

The following are trademarks of the International Business Machines Corporation in the United States and/or other countries. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: AS/400, DBE, e-business logo, ESCO, eServer, FICON, IBM, IBM Logo, iSeries, MVS, OS/390, pSeries, RS/6000, S/30, VM/ESA, VSE/ESA, Websphere, xSeries, z/OS, zSeries, z/VM

The following are trademarks or registered trademarks of other companies

Lotus, Notes, and Domino are trademarks or registered trademarks of Lotus Development Corporation
Java and all Java-related trademarks and logos are trademarks of Sun Microsystems, Inc., in the United States and other countries
LINUX is a registered trademark of Linus Torvalds
UNIX is a registered trademark of The Open Group in the United States and other countries.
Microsoft, Windows and Windows NT are registered trademarks of Microsoft Corporation.
SET and Secure Electronic Transaction are trademarks owned by SET Secure Electronic Transaction LLC.
Intel is a registered trademark of Intel Corporation
* All other products may be trademarks or registered trademarks of their respective companies.

NOTES:

Performance is in Internal Throughput Rate (ITR) ratio based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput that any user will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve throughput improvements equivalent to the performance ratios stated here.

IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply.

All customer examples cited or described in this presentation are presented as illustrations of the manner in which some customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics will vary depending on individual customer configurations and conditions.

This publication was produced in the United States. IBM may not offer the products, services or features discussed in this document in other countries, and the information may be subject to change without notice. Consult your local IBM business contact for information on the product or services available in your area.

All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

Information about non-IBM products is obtained from the manufacturers of those products or their published announcements. IBM has not tested those products and cannot confirm the performance, compatibility, or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.

Prices subject to change without notice. Contact your IBM representative or Business Partner for the most current pricing in your geography.

References in this document to IBM products or services do not imply that IBM intends to make them available in every country.

Any proposed use of claims in this presentation outside of the United States must be reviewed by local IBM country counsel prior to such use.

The information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.


Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.