What's New in CSfC Data-at-Rest Capability Package 5.0
The National Security Agency/Central Security Service (NSA/CSS) is constantly developing new ways to leverage emerging technologies to deliver more timely Information Assurance (IA) solutions for rapidly evolving customer requirements. The NSA/CSS’s Commercial Solutions for Classified (CSfC) process enables commercial products to protect classified NSS information. CSfC solutions must be layered, consisting of two individual encryption layers called components. Commercial vendors develop the components, and trusted integrators put them together and test them to produce a CSfC solution.
The CSfC Program within the NSA Capabilities Directorate publishes Capability Packages (CP) to provide architectures and configuration requirements that empower IA customers to implement secure solutions using independent, layered, commercial off-the-shelf (COTS) products. The CPs are product-neutral and describe system-level solution frameworks, documenting security and configuration requirements for customers and integrators.
The CSfC Data-at-Rest (DAR) CP has evolved over the last six years. Starting with the initial draft version 0.8 in July 2014, the DAR CP has matured and changed as expected with the ever-increasing CSfC-based storage applications in the field. The most recent incarnation of the DAR CP is version 5.0.
The DAR CP (and any other CP) is a public document produced by NSA to describe system-level solution frameworks, documenting security and configuration requirements for customers and integrators.
The DAR CP is focused on implementing cryptography to mitigate the risk to classified data from unauthenticated access when the device is powered off or unauthenticated. The DAR CP is intended to address DAR requirements and is designed to help those working to implement a solution to protect classified DAR. The CP provides guidance when combining two components from the NSA CSfC Components List to create a solution.
While it is primarily a guideline for solution users and integrators, the DAR CP also provides a set of guidelines for COTS vendors and developers. Vendors like Curtiss-Wright have used the DAR CP guidelines to develop COTS CSfC products. Since COTS vendors are encouraged to design new, innovative components that can be proposed in CSfC solutions, it only makes sense that those COTS vendors make sure that their components can be approved for use in a CSfC solution.
As noted earlier, a CSfC solution must include two layers of independent encryption components. Knowing that the solution integrators and users must get approval from NSA for their solution, responsible component vendors design to those guidelines so that solution integrators will be successful. After all, the COTS component vendors want to sell products successfully to the broadest market possible. Knowing that the component will meet the DAR CP guidelines reduces program and schedule risk for integrators (and their customers).
This paper will review the most recent changes from CP 4.0 to 5.0. Particular emphasis will be given to the more significant new topics: the Unattended Operation Use Case and a solution built from two hardware full-disk encryption layers (HWFDE + HWFDE).