LTA hardware security module “KeySafe”



StorageQS is happy to announce the new Archiveware KeySafe. Contained in a robust custom-designed 19 inch rack enclosure, the KeySafe employs multiple levels of security to ensure the enduring secrecy of the encryption keys used to protect your long-term archive sets.

Affordable high-grade security

The Archiveware long-term archiving suite keeps your off-line archival data safe on hard disks, tapes, Blu-ray media or in the cloud for an extended period of time (20 years or more). A fully integrated and long-term optimized data encryption system is an important part of this solution, and keeping private keys truly private is essential for data confidentiality.

A hardware security module (HSM) is a tried and true component for safeguarding private keys: key material is generated inside a hardened environment, from which it cannot be easily extracted. Operating a traditional HSM is expensive and difficult, though, requiring a significant investment in both hardware and training. The Archiveware KeySafe, conversely, is a low-cost addition to your archiving server and is designed for set-and-forget operation.

Plug-and-play operation

After mounting the KeySafe in a standard 19 inch rack (using locking bolts, if so desired) and connecting it to your archiving server using an RS232 cable, you will be able to use the Archiveware management web interface to securely generate new encryption keys, as well as to import existing key material, including your off-site recovery keys.

After this, the KeySafe is exclusively responsible for encrypting and decrypting archive set keys, significantly simplifying key management. To allow user-level access control and key usage auditing, the KeySafe uses individual time-based authentication codes (based on TOTP, for which many third-party desktop, phone and token-based clients are available). In addition, any permanent configuration change requires the physical key switch on the KeySafe front panel to be operated, thus protecting against unauthorized remote modifications.

Since the KeySafe represents a single point of failure, a robust disaster recovery mechanism is required. This is implemented by the Archiveware software automatically retrieving an encrypted backup of all relevant data from the KeySafe after each modification. This backup is stored on the archiving server and should be included in your normal backup procedures. To restore such an encrypted backup to a replacement KeySafe unit, the recovery media supplied with the original KeySafe (and intended for secure off-site storage) need to be accessed.

Feature summary

Using a wide range of security measures, the Archiveware KeySafe makes it easy to securely manage your archive set keys:

  • Secure hardened operating environment, with both hardware and software access controls
  • Tamper-resistant enclosure with security fasteners and other features to prevent access to the internal components without specialized tooling, as well as to shut down KeySafe operation when outside interference is detected
  • Serialized tamper-evident security seals to reveal unauthorized access attempts to the KeySafe and associated recovery keys
  • No direct access to the KeySafe operating system is available: only a limited application-specific command set is exposed via the RS232 serial port
  • Operation of the front-panel key switch is required to authorize permanent configuration changes
  • Individual user actions are authorized using TOTP authentication codes, generated by a third-party two-factor authentication client application or token
  • The KeySafe maintains an independent and immutable audit log, which is synchronized with the Archiveware server after each operation