COTS Encryption for Data-at-Rest
April 28, 2017 | BY: Paul DavisDownload PDF
Enabling Top Secret Data Storage with Two-layer Encryption
With the use of deployed vehicles, such as UAVs and UUVs increasing dramatically, protecting sensitive data on those platforms has become a critical challenge. Until recently, Type 1 encryption devices were the only choice available to protect Data-at-Rest (DAR). The lengthy development times and high costs associated with new Type 1 encryptors increase program schedule risk. Due to constraints on the USG budget, even large programs are finding it difficult to fund new Type 1 encryption developments.
A solution that both speeds the deployment and lowers the cost of protecting DAR is provided by the new two-layer encryption approach outlined in the National Security Agency’s (NSA) Commercial Solutions for Classified (CSfC) process. CSfC allows for the use of commercially sourced encryption technologies for applications that do not require the highest levels of protection.
This paper explains how two-layer encryption can be supported by commercial off-the-shelf (COTS) data storage solution vendors, and how system integrators can take advantage of these products to reduce their program schedules, costs, and development risk. It outlines how two-layer encryption can be leveraged with COTS Network Attached Storage (NAS) systems to enable NSA solution approval. As an example, it highlights how a compact data storage system from Curtiss-Wright Defense Solutions, currently being evaluated by NIAP for Common Criteria (CC) and CSfC conformance, incorporates two-layer encryption in one device to address data protection requirements and SWaP constraints on deployed platforms.
Download our COTS Encryption for Data at Rest White Paper to read more about:
- Commercial Solutions for Classified (CSfC)
- Common Criteria
- Type 1 Encryption
- Data-at-Rest (DAR) encryption
- Two-Layer Encryption
- Size Weight and Power (SWaP)