The OSD security protocol

The ANSI T10 Object-based Storage Devices (OSD) Standard is a new standard. It evolves the storage interface from fixed size blocks to variable size objects and includes an integrated security protocol that protects storage. This paper presents the requirements, the design tradeoffs, and the final security protocol as defined in the standard. The resulting protocol is based on a secure capability-based model, enabling fine-grained access control that protects both the entire storage device and individual objects from unauthorized access. The protocol defines three methods of security based on the applications' requirements. Furthermore, the protocol's key management algorithm allows keys to be changed quickly, without disrupting normal operations. Finally, the protocol is currently being enhanced for version 2.0 of the ANSI T10 OSD standard; future extensions will include data-encryption and access-control on sections of storage objects.