Securing Data Encryption with Common Criteria certified SSDs
Introduction
UD info’s Common Criteria certified PCIe M.2 2280 (M2P 80DA series) provides a framework for assessing the security properties of IT products to meet NSA security requirements. This PCIe M.2 SSD with Common Criteria Protection can meet specific security features including Protection Profile and Security Target.
Our partner, one of the Department of Defense (DoD) leaders in Rugged Computer Technology, requested a storage that could support secure data features and ensure data security. The client is using the PCIe M.2 2280 SSD as the primary storage device of Rugged PC for data acquisition, particularly for defense applications.
The customer looked for an industrial-grade SSD with a tiny form factor that could withstand severe temperatures, provide garbage collection and wear-leveling security, and manage background operations to prevent critical data exposure. This storage would also require the ability to validate firmware integrity and security.
The high-performance PC system is mainly utilized in flight testing, electronic warfare, intelligence, and surveillance.
Challenges
1. Secure Data Erasure & Sanitization
- SSDs use wear leveling and overprovisioning, making it difficult to guarantee complete data erasure.
- Sanitizing SSDs by deleting encryption keys is always necessary.
2. Firmware Integrity & Security
- Protecting against firmware tampering and supply chain attacks.
- Preventing rollback attacks by enforcing firmware version controls.
3. Reliability & Wear-Leveling Security
- Preventing unintended data leaks due to wear leveling.
- Secure garbage collection and wear-leveling mechanisms.
Solutions
UD info offers a 2TB PCIe M.2 2280 common criteria certified SSD, providing security features and assurance levels of data encryptions. This SSD meets requirements from FIPS, NIST, and NSA for secure storage. The features included FDE data encryption, secure erasing sanitization, access control, and authentication. It can fulfill both hardware-based and software-based data encryptions.
Results
With UD info’s Common Criteria Certified PCIe M.2 2280 SSD, the product can fulfill security functional requirements and solve the problems of software encryption. This SSD can meet data compliance with NIST standards, specify encryption algorithms, ensure secure erase functionality, prevent unauthorized data recovery, protect firmware integrity, and secure wear leveling mechanism. It can meet all kinds of security targets in rugged applications.
M2P-80 DA