96-186r0 - Security Initialization Proposal for SBC
ROWEBER at acm.org
ROWEBER at acm.org
Fri May 10 03:50:30 PDT 1996
* From the SCSI Reflector, posted by:
* ROWEBER at ACM.ORG
To: Membership of X3T10
From: John Lohmeyer
Ralph O. Weber
Date: May 9, 1996
Subject: Security Initialization Proposal for SBC
In keeping with the discussion of governmental requirements for secured disk
initialization discussed at the March SCSI Working Group meeting, we make the
following proposal for changes to SBC. All changes to the SBC rev 2 document.
"Add 'SI' to bit 5 of byte 0 of Table 9.
Delete Note 5 under Table 9.
Add the following text after Table 10:
A Security Initialize (SI) bit of one indicates that the device server shall
attempt to write the initialization pattern to all areas of the media
including those that may have been reassigned. The initialization pattern
shall be written using a security erasure write technique. The exact
requirements placed on the security erasure write technique are technology
and vendor specific. The intent of the security erasure write is too render
any previous user data unrecoverable by any analog or digital technique. It
may be necessary to perform this command multiple times to fully erase the
previous data; such procedures are outside the scope of this standard.
When the SI bit is one, the device server need not rewrite (format) header and
other non user accessible information on the media. If any area of the medium
that may have previously contained user data cannot be written, the device
server shall terminate the command with CHECK CONDITION status. The sense key
shall be set to MEDIUM ERROR.
A Security Initialize bit of zero indicates that the device server shall
initialize the application client accessible area of the media. In this case,
the device server is not required to initialize other areas of the media.
However, the device server shall format the medium as prescribed in the
definition of the FORMAT UNIT command.
More information about the T10