Secure Disk Solution (DxSD)

Discretix Secure Disk Solution is a comprehensive "in-storage" data protection solution for solid-state disks (SSD) or hard disk drives (HDD) embedded into the disk controller as semiconductor IP.

Secure Disk Solution - Market Needs

Today, our most valuable assets, whether personal or work-related, are stored on numerous fixed and mobile devices. Data backup is also shifting away from tapes and moving towards disk-based backup and recovery, continuously improving accessibility. The massive volume of stored information, its critical importance and the ease of access, significantly increases the risk associated with theft and loss. Moreover, government and industry regulations mandate strict control of data privacy and security with severe penalties for violations. To achieve true protection, data must be protected where it is stored, and not by the application that uses it

Highlights of the Secure Disk Solution

	Full Disk Encryption (FDE) – 100% data encryption, including user data, system files, hidden files, page files, temporary files, registry settings, hibernation files, and Master Boot Record
	Strong, robust encryption – robust hardware-based encryption with FIPS approved AES algorithms, up to 256-bit key strength, and secure key management
	Encryption at full disk throughput – high-performance hardware encryption engine, guaranteeing no observed performance impact
	Very Fast Secure Data Sanitization – secure disk disposal and/or repurposing within seconds
	Secure Boot – verifies controller firmware image integrity at boot time, detecting off-line firmware image tampering and unauthorized firmware
	Secure firmware updates – verifies authorized genuine firmware updates for disk controller firmware and enables firmware version revocation
	Master Boot Record tampering detection – verifies system Master Boot Record integrity at boot time, detecting off-line image tampering and unauthorized updates
	Mutual authentication with host system – prevents disk usage in a different, unauthorized host system even by authorize users
	Pre-Boot event logging – logs information on pre-boot events, including password changes and successful/failed logins
	Multiple User support – can be configured to provide authenticated login for multiple users on a single device, eliminating the need for sharing accounts and passwords

DxSD Use Cases

Secure Disk Solution - Technical Overview

The secure disk solution protects disk content from unauthorized access or misuse. A secure boot function verifies that the controller firmware has not been tampered with or modified, guaranteeing a known and trusted starting point. In addition, the Master Boot Record authenticity is verified. At system boot, DxSD requests a pre-boot password and verifies its authenticity before allowing access to the disk contents. Data stored on the disk is encrypted. Once access to the disk is granted, the DxSD AES engine decrypts data that is read from the disk and encrypts data that is written to the disk.

Block Diagram



Secure Disk Configuration Options

1 Technology and synthesis dependent; based on the use of Design Compiler® and low power 90nm TSMC technology; measured at 100MHz
2 Code size figures are for ARM® Thumb mode

Click to enlarge

Contact us for more information about the Secure Disk Solution.