The Silicon Data Vault High Assurance (SDV-HA) is a portable self-encrypting solid state storage and processing device housed in a compact rugged enclosure. It attaches to a computer by USB or eSATAp. Hardware implemented, the SDV-HA utilizes NSA Suite B cryptographic algorithms, a distributed key management system and two-factor pre-boot and post-boot authentication (passphrase and USB token) to provide exceptionally strong data protection. The SDV-HA also incorporates highly innovative anti-tamper detection and response mechanisms developed to negate the risk of attempts to subvert the operation of the device. The SDV-HA can detect both physical removal and electrical disconnection of the enclosure as well as internal access and tampering of components. It also monitors environmental and operational conditions with a tamper event triggered if a condition contravenes predefined values. When a tamper event is triggered, the SDV-HA will cause the encryption keys to be destroyed rendering the device inoperable.
The SDV-HA has undergone and passed an extensive and rigorous Australian Signals Directorate (ASD) High Assurance evaluation. This evaluation is a verification and validation program designed to ensure that security in cryptography, anti-tamper and operation adhere to the strictest of conditions. The subsequent High Assurance certification enables Australian government agencies to rely on the strength and quality of the security they use to protect official classified information and systems. The SDV-HA is certified by ASD to secure highly classified data up to and including TOP SECRET yet enable handling as UNCLASSIFIED with Dissemination Limiting Marking For Official Use Only when powered down. SECRET data can be handled as UNCLASSIFIED without the need for a DLM.
System Security:
SDV Hardware Encryption
NSA Suite B algorithms
AES 256
ECC 384
Sector level on the fly encryption
Two-factor pre-boot and post-boot authentication
Active tamper detection and response
Distributed key management
Separate administrator and user roles
Secure erase
Features:
Customisable operating environment
Customisable operating mode
Multiple partitions
Audit log
Large capacity solid state storage (up to 960GB)
Value Proposition:
Cost Effective: The overall costs incurred for on-going data storage and handling of highly classified information may well be significant and somewhat hidden. TOP SECRET data when stored on the SDV-HA can be handled as UNCLASSIFIED For Official Use Only, thus removing the need for traditional highly secure courier and transport methods and their associated costs and procedural inefficiencies. Cost savings can also be achieved as data classified SECRET or below can be stored and physically transferred as UNCLASSIFIED.
Confidentiality: Lost or misplaced documents or un-encrypted storage products containing highly classified data can put lives and dollars at extreme risk. Highly classified data is afforded total protection when using the SDV-HA. A lost, stolen or captured device thus becomes a hardware replacement administration issue and not a data content confidentiality problem.
User Examples:
- Using eSATAp connectivity with a standard OS on a specific PC.
- Using USB connectivity with a portable OS that can be booted from a variety of PCs (as and when required) to provide a truly portable processing environment. Note, when using the SDV-HA with USB connectivity in this mode, the installed OS must support booting from a USB device (e.g. Windows To Go versions, Windows 10).
SDV-HA Documentation:
Certification Details:
Australian Government Australian Signals Directorate (ASD) High Assurance Evaluation.
For more information on certification, see Certifications.