Moni, Habr! Mu ndemanga kwa mmodzi wathu owerenga adafunsa funso lochititsa chidwi: "N'chifukwa chiyani mukufunikira flash drive yokhala ndi encryption ya hardware pamene TrueCrypt ilipo?" - ndipo adanenanso nkhawa zina za "Kodi mungatsimikizire bwanji kuti palibe ma bookmark mu mapulogalamu ndi hardware ya Kingston drive ?β Tinayankha mafunsowa mwachidule, koma kenako tinaganiza kuti mutuwo uyenera kuunikanso. Izi ndi zomwe tidzachita mu positi iyi.
Kubisa kwa Hardware kwa AES, monga kubisa kwa mapulogalamu, kwakhalapo kwa nthawi yayitali, koma ndendende kumateteza bwanji deta yodziwika pama drive drive? Ndani amatsimikizira zoyendetsa zotere, ndipo kodi ziphaso izi zitha kudaliridwa? Ndani amafunikira ma drive "ovuta" ngati mutha kugwiritsa ntchito mapulogalamu aulere monga TrueCrypt kapena BitLocker. Monga mukuonera, mutu womwe wafunsidwa mu ndemanga umadzutsa mafunso ambiri. Tiyeni tiyese kuzilingalira zonse.
Kodi kubisa kwa hardware kumasiyana bwanji ndi kubisa kwa mapulogalamu?
Pankhani ya ma drive flash (komanso ma HDD ndi ma SSD), chip chapadera chomwe chili pa bolodi loyang'anira chipangizocho chimagwiritsidwa ntchito kukhazikitsa kubisa kwa data ya hardware. Ili ndi jenereta ya manambala omangidwa mwachisawawa yomwe imapanga makiyi achinsinsi. Deta imasungidwa mwachinsinsi ndikusinthidwa nthawi yomweyo mukalowetsa mawu anu achinsinsi. Muzochitika izi, ndizosatheka kupeza deta popanda mawu achinsinsi.
Mukamagwiritsa ntchito kubisa kwa mapulogalamu, "kutseka" deta pa galimotoyo kumaperekedwa ndi mapulogalamu akunja, omwe amakhala ngati njira yotsika mtengo kusiyana ndi njira zolembera za hardware. Kuipa kwa mapulogalamu otere kungaphatikizepo kufunikira kwa banal kuti asinthe pafupipafupi kuti apereke kukana njira zowononga zomwe zikuyenda bwino. Kuphatikiza apo, mphamvu yamakompyuta (m'malo mwa chip chosiyana cha hardware) imagwiritsidwa ntchito polemba deta, ndipo, kwenikweni, kuchuluka kwa chitetezo cha PC kumatsimikizira kuchuluka kwa chitetezo chagalimoto.
Mbali yayikulu yamagalimoto okhala ndi encryption ya Hardware ndi purosesa yosiyana ya cryptographic, kupezeka kwake komwe kumatiuza kuti makiyi obisala samachoka pa USB drive, mosiyana ndi makiyi apulogalamu omwe amatha kusungidwa kwakanthawi mu RAM ya kompyuta kapena hard drive. Ndipo chifukwa kubisa kwa mapulogalamu kumagwiritsa ntchito kukumbukira kwa PC kusunga kuchuluka kwa zoyeserera zolowera, sikungathe kuyimitsa mawu achinsinsi kapena kiyi. Kauntala yoyesera yolowera ikhoza kusinthidwa mosalekeza ndi wowukira mpaka pulogalamu yosokoneza mawu achinsinsi ipeza kuphatikiza komwe mukufuna.
Mwa njira ..., mu ndemanga ku nkhani ""Ogwiritsa adawonanso kuti, mwachitsanzo, pulogalamu ya TrueCrypt ili ndi mawonekedwe onyamula. Komabe, uwu si mwayi waukulu. Chowonadi ndi chakuti pakadali pano pulogalamu ya encryption imasungidwa mu kukumbukira kwa flash drive, ndipo izi zimapangitsa kuti ikhale pachiwopsezo choukira.
Mfundo yofunika kwambiri: njira yamapulogalamuyi siyimapereka chitetezo chokwanira monga kubisa kwa AES. Ndi zambiri zachitetezo choyambirira. Komano, mapulogalamu kubisa deta zofunika akadali bwino kuposa kubisa konse. Ndipo izi zimatithandiza kusiyanitsa momveka bwino pakati pa mitundu iyi ya cryptography: hardware encryption of flash drives ndizofunikira, m'malo mwake, kwa makampani (mwachitsanzo, pamene antchito a kampani amagwiritsa ntchito ma drive omwe amaperekedwa kuntchito); ndipo mapulogalamu ndi abwino kwambiri pazosowa za ogwiritsa ntchito.
Komabe, Kingston amagawa mitundu yake yamagalimoto (mwachitsanzo, IronKey S1000) kukhala mitundu ya Basic ndi Enterprise. Pankhani ya magwiridwe antchito ndi chitetezo, amakhala pafupifupi ofanana, koma mtundu wamakampani umapereka kuthekera koyendetsa galimotoyo pogwiritsa ntchito pulogalamu ya SafeConsole/IronKey EMS. Ndi pulogalamuyo, galimotoyo imagwira ntchito ndi mtambo kapena ma seva am'deralo kuti ikwaniritse chitetezo chachinsinsi komanso mfundo zofikira. Ogwiritsa amapatsidwa mwayi wopezanso mapasiwedi otayika, ndipo olamulira amatha kusintha ma drive omwe sagwiritsidwanso ntchito kuzinthu zatsopano.
Kodi ma drive a Kingston flash okhala ndi AES encryption amagwira ntchito bwanji?
Kingston amagwiritsa ntchito encryption ya 256-bit AES-XTS (pogwiritsa ntchito kiyi yautali wathunthu) pamagalimoto ake onse otetezeka. Monga taonera pamwambapa, ma drive ama flash ali ndi chipangizo chosiyana cha encrypting ndi decrypting, chomwe chimagwira ntchito nthawi zonse.
Mukalumikiza chipangizo ku doko la USB kwa nthawi yoyamba, Wizard Yoyambitsa Kukhazikitsa imakulimbikitsani kukhazikitsa mawu achinsinsi kuti mupeze chipangizocho. Pambuyo poyambitsa kuyendetsa, ma aligorivimu a encryption amayamba kugwira ntchito molingana ndi zomwe amakonda.
Panthawi imodzimodziyo, kwa wogwiritsa ntchito, mfundo yogwiritsira ntchito flash drive idzakhalabe yosasintha - adzatha kutsitsa ndikuyika mafayilo mu kukumbukira kwa chipangizocho, monga momwe akugwira ntchito ndi USB flash drive. Kusiyana kokha ndikuti mukalumikiza flash drive ku kompyuta yatsopano, muyenera kulowa mawu achinsinsi kuti mupeze zambiri zanu.
Chifukwa chiyani ndipo ndani amafunikira ma drive ama flash okhala ndi encryption ya hardware?
Kwa mabungwe omwe data yachinsinsi ndi gawo labizinesi (kaya ndalama, zaumoyo, kapena boma), kubisa ndi njira yodalirika yotetezera. Kubisa kwa hardware ya AES ndi njira yowopsa yomwe ingagwiritsidwe ntchito ndi kampani iliyonse: kuchokera kwa anthu ndi mabizinesi ang'onoang'ono kupita kumakampani akuluakulu, komanso mabungwe ankhondo ndi aboma. Kuti muwone bwino nkhaniyi, kugwiritsa ntchito ma drive obisika a USB ndikofunikira:
- Kuonetsetsa chitetezo cha data yachinsinsi ya kampani
- Kuteteza zambiri kasitomala
- Kuteteza makampani ku kutaya phindu ndi kukhulupirika kwa makasitomala
Ndizofunikira kudziwa kuti ena opanga ma drive flash otetezedwa (kuphatikiza Kingston) amapereka mabizinesi mayankho osinthika opangidwa kuti akwaniritse zosowa ndi zolinga za makasitomala. Koma mizere yopangidwa mochuluka (kuphatikiza ma drive a DataTraveler flash) amalimbana ndi ntchito zawo mwangwiro ndipo amatha kupereka chitetezo chamakampani.
1. Kuonetsetsa chitetezo cha data yachinsinsi ya kampani
Mu 2017, munthu wokhala ku London adapeza galimoto ya USB mu imodzi mwa malo osungiramo malo omwe anali ndi chidziwitso chosatetezedwa ndi mawu achinsinsi okhudzana ndi chitetezo cha Heathrow Airport, kuphatikizapo malo a makamera oyang'anitsitsa komanso zambiri zokhudzana ndi chitetezo pakafika akuluakulu apamwamba. Ma flash drive analinso ndi zidziwitso zama pass amagetsi ndi ma code olowera kumadera oletsedwa a eyapoti.
Akatswiri amanena kuti chifukwa cha zochitika zoterezi ndi kusaphunzira kwa cyber kwa ogwira ntchito pakampani, omwe amatha "kutulutsa" deta yachinsinsi mwa kunyalanyaza kwawo. Ma drive a Flash omwe ali ndi encryption ya hardware amathetsa vutoli pang'ono, chifukwa ngati galimoto yotereyi itayika, simungathe kupeza deta yomwe ili pamenepo popanda mawu achinsinsi a msilikali yemweyo wachitetezo. Mulimonsemo, izi sizikutsutsa mfundo yakuti antchito ayenera kuphunzitsidwa kuyendetsa ma flash drive, ngakhale tikukamba za zipangizo zotetezedwa ndi encryption.
2. Kuteteza zambiri zamakasitomala
Ntchito yofunika kwambiri ku bungwe lililonse ndikusamalira deta yamakasitomala, zomwe siziyenera kukhala pachiwopsezo cha kusokonekera. Mwa njira, izi ndizomwe zimasamutsidwa nthawi zambiri pakati pamagulu osiyanasiyana amalonda ndipo, monga lamulo, zimakhala zachinsinsi: mwachitsanzo, zikhoza kukhala ndi deta pazochitika zachuma, mbiri yachipatala, ndi zina zotero.
3. Chitetezo ku kutaya phindu ndi kukhulupirika kwa makasitomala
Kugwiritsa ntchito zida za USB zokhala ndi encryption ya hardware kungathandize kupewa zotsatira zowononga mabungwe. Makampani omwe amaphwanya malamulo oteteza deta atha kulipitsidwa ndalama zambiri. Choncho, funso liyenera kufunsidwa: kodi ndi bwino kutenga chiopsezo chogawana zambiri popanda chitetezo choyenera?
Ngakhale popanda kuganizira momwe ndalama zingakhudzire, kuchuluka kwa nthawi ndi zinthu zomwe zimagwiritsidwa ntchito pokonza zolakwika zomwe zimachitika zingakhale zofunikira kwambiri. Kuphatikiza apo, ngati kuphwanya deta kusokoneza deta yamakasitomala, kampaniyo imayika pachiwopsezo kukhulupirika kwa mtundu, makamaka m'misika komwe kuli opikisana nawo omwe amapereka malonda kapena ntchito zofananira.
Ndani amatsimikizira kusakhalapo kwa "bookmarks" kuchokera kwa wopanga mukamagwiritsa ntchito ma drive flash okhala ndi encryption ya hardware?
Pamutu womwe tawuka, funso ili mwina ndi limodzi mwamafunso akulu. Mwa ndemanga kunkhani yokhudzana ndi ma drive a Kingston DataTraveler, tidapezanso funso lina losangalatsa: "Kodi zida zanu zili ndi zowerengera kuchokera kwa akatswiri odziyimira pawokha?" Chabwino ... ndi chidwi chomveka: ogwiritsa ntchito akufuna kuonetsetsa kuti ma drive athu a USB alibe zolakwika wamba, monga kubisa kofooka kapena kuthekera kodutsa mawu achinsinsi. Ndipo mu gawo ili la nkhaniyi tikambirana za njira zoyendetsera ma certification za Kingston asanalandire ma drive otetezeka.
Ndani amatsimikizira kudalirika? Zikuwoneka kuti tinganene kuti, "Kingston adapanga - zimatsimikizira." Koma pamenepa, mawu oterowo adzakhala olakwika, popeza wopangayo ali ndi chidwi. Chifukwa chake, zinthu zonse zimayesedwa ndi munthu wina yemwe ali ndi ukadaulo wodziyimira pawokha. Makamaka, ma drive a Kingston hardware-encrypted drives (kupatulapo DTLPG3) ndi otenga nawo gawo mu Cryptographic Module Validation Programme (CMVP) ndipo ali ndi ziphaso ku Federal Information Processing Standard (FIPS). Ma drive amatsimikiziridwa molingana ndi miyezo ya GLBA, HIPPA, HITECH, PCI ndi GTSA.
1. Pulogalamu yotsimikizira gawo la Cryptographic
Pulogalamu ya CMVP ndi pulojekiti yolumikizana ndi National Institute of Standards and Technology ya US department of Commerce ndi Canadian Cyber ββββSecurity Center. Cholinga cha polojekitiyi ndikulimbikitsa kufunikira kwa zida zotsimikiziridwa za cryptographic ndikupereka chitetezo ku mabungwe a federal ndi mafakitale oyendetsedwa (monga zachuma ndi zaumoyo) zomwe zimagwiritsidwa ntchito pogula zipangizo.
Zipangizo zimayesedwa motsutsana ndi zofunikira za cryptographic ndi chitetezo ndi ma laboratories odziyimira pawokha komanso oyesa chitetezo omwe amavomerezedwa ndi National Voluntary Laboratory Accreditation Program (NVLAP). Panthawi imodzimodziyo, lipoti lililonse la labotale limafufuzidwa kuti likugwirizana ndi Federal Information Processing Standard (FIPS) 140-2 ndikutsimikiziridwa ndi CMVP.
Ma module otsimikiziridwa kuti akugwirizana ndi FIPS 140-2 akulimbikitsidwa kuti agwiritsidwe ntchito ndi mabungwe a federal ku US ndi Canada mpaka pa September 22, 2026. Pambuyo pa izi, zidzaphatikizidwa pamndandanda wazosungidwa zakale, ngakhale zitha kugwiritsidwa ntchito. Pa Seputembara 22, 2020, kuvomera kwa mapulogalamu ovomerezeka molingana ndi mulingo wa FIPS 140-3 kunatha. Zida zikadutsa macheke, zidzasunthidwa ku mndandanda wa zida zoyesedwa ndi zodalirika kwa zaka zisanu. Ngati chipangizo cha cryptographic sichidutsa kutsimikizira, kugwiritsidwa ntchito kwake m'mabungwe a boma ku United States ndi Canada sikuvomerezeka.
2. Ndi zofunika zotani zachitetezo zomwe certification ya FIPS imayika?
Kubera deta ngakhale kuchokera pagalimoto yosungidwa yosavomerezeka ndizovuta ndipo anthu ochepa angachite, kotero posankha galimoto yogwiritsira ntchito kunyumba ndi certification, simuyenera kudandaula. M'gawo lamakampani, zinthu ndi zosiyana: posankha ma drive otetezedwa a USB, makampani nthawi zambiri amayika kufunikira kwa certification ya FIPS. Komabe, si aliyense amene ali ndi lingaliro lomveka bwino la zomwe magawowa amatanthauza.
Muyezo wapano wa FIPS 140-2 umatanthawuza magawo anayi achitetezo omwe ma flash drive amatha kukumana nawo. Gawo loyamba limapereka chitetezo chokwanira. Mulingo wachinayi umatanthawuza zofunikira zolimba pakudziteteza kwa zida. Miyezo yachiwiri ndi yachitatu imapereka kugawanika kwa zofunikira izi ndikupanga mtundu wa golide.
- Chitetezo cha Level XNUMX: Ma drive a USB ovomerezeka a Level XNUMX amafunikira njira imodzi yachinsinsi kapena mbali ina yachitetezo.
- Gawo lachiwiri la chitetezo: apa galimotoyo ikufunika osati kungopereka chitetezo cha cryptographic, komanso kuti azindikire kulowetsedwa kosaloleka pamlingo wa firmware ngati wina ayesa kutsegula galimotoyo.
- Mulingo wachitatu wachitetezo: umaphatikizapo kupewa kubweza ndikuwononga "makiyi" achinsinsi. Ndiko kuti, kuyankha pamayesero olowera kumafunika. Komanso, gawo lachitatu limatsimikizira chitetezo chokwanira ku kusokonezedwa ndi ma electromagnetic: ndiko kuti, kuwerenga deta kuchokera pagalimoto yogwiritsira ntchito zida zopanda zingwe sikungagwire ntchito.
- Gawo lachinayi la chitetezo: mlingo wapamwamba kwambiri, womwe umaphatikizapo kutetezedwa kwathunthu kwa cryptographic module, yomwe imapereka mwayi waukulu wodziwikiratu ndi kutsutsana ndi kuyesayesa kulikonse kosaloledwa ndi wogwiritsa ntchito wosaloledwa. Ma drive a Flash omwe alandira satifiketi ya mulingo wachinayi amaphatikizanso njira zodzitchinjiriza zomwe sizimalola kuthyolako posintha voteji ndi kutentha kozungulira.
Ma drive a Kingston otsatirawa ndi ovomerezeka ku FIPS 140-2 Level 2000: DataTraveler DT4000, DataTraveler DT2G1000, IronKey S300, IronKey D10. Chofunikira cha ma drive awa ndikutha kuyankha pakuyesa kulowerera: ngati mawu achinsinsi alowetsedwa molakwika ka XNUMX, zomwe zili pagalimoto zidzawonongedwa.
Ndi chiyani chinanso chomwe ma drive a Kingston flash angachite kupatula kubisa?
Pankhani ya chitetezo chokwanira cha deta, pamodzi ndi kubisa kwa hardware kwa ma drive a flash, ma antivayirasi omangidwa, kutetezedwa ku zisonkhezero zakunja, kugwirizanitsa ndi mitambo yaumwini ndi zina zomwe tidzakambirana pansipa zidzakuthandizani. Palibe kusiyana kwakukulu pama drive a Flash omwe ali ndi encryption software. Mdierekezi ali mwatsatanetsatane. Ndipo ichi ndi chiyani.
1. Kingston DataTraveler 2000
Tiyeni titenge USB pagalimoto mwachitsanzo. . Ichi ndi chimodzi mwama drive ang'onoang'ono okhala ndi encryption ya hardware, koma nthawi yomweyo imodzi yokha yokhala ndi kiyibodi yake yakuthupi pamlanduwo. Makiyi a mabatani 11 awa amapangitsa DT2000 kukhala yodziyimira pawokha ku machitidwe olandila (kuti mugwiritse ntchito DataTraveler 2000, muyenera kukanikiza batani la Key, kenako lowetsani mawu anu achinsinsi, ndikudinanso batani la Key). Kuphatikiza apo, flash drive iyi ili ndi digiri ya IP57 yodzitchinjiriza kumadzi ndi fumbi (zodabwitsa ndizakuti, Kingston samanena izi paliponse kaya pamapaketi kapena pazomwe zili patsamba lovomerezeka).
Pali batire ya 2000mAh ya lithiamu polymer mkati mwa DataTraveler 40, ndipo Kingston amalangiza ogula kuti amangire galimotoyo mu doko la USB kwa ola limodzi asanaigwiritse ntchito kuti alole batire kulipira. Mwa njira, m'modzi mwa zida zam'mbuyomu : Palibe chifukwa chodera nkhawa - kung'anima kwagalimoto sikutsegulidwa mu charger chifukwa palibe zopempha kwa woyang'anira ndi dongosolo. Choncho, palibe amene adzabe deta yanu kudzera opanda zingwe intrusions.
2. Kingston DataTraveler Locker + G3
Ngati tilankhula za mtundu wa Kingston - imakopa chidwi ndi kuthekera kosintha zosunga zobwezeretsera kuchokera pa drive flash kupita ku Google cloud storage, OneDrive, Amazon Cloud kapena Dropbox. Kulunzanitsa deta ndi mautumikiwa kumaperekedwanso.
Limodzi mwamafunso omwe owerenga athu amatifunsa ndilakuti: "Koma mungatenge bwanji zosunga zobwezeretsera?" Zosavuta kwambiri. Chowonadi ndi chakuti polumikizana ndi mtambo, chidziwitsocho chimatsitsidwa, ndipo kutetezedwa kwa zosunga zobwezeretsera pamtambo kumadalira kuthekera kwamtambo womwewo. Chifukwa chake, njira zotere zimangochitika mwakufuna kwa wogwiritsa ntchito. Popanda chilolezo chake, palibe deta yomwe idzakwezedwa pamtambo.
3. Chinsinsi cha Kingston DataTraveler Vault 3.0
Koma zida za Kingston Amabweranso ndi antivayirasi ya Drive Security yomangidwa kuchokera ku ESET. Yotsirizirayi imateteza deta kuti isawonongeke ndi USB pagalimoto ndi mavairasi, mapulogalamu aukazitape, Trojans, nyongolotsi, rootkits, ndi kugwirizana ndi makompyuta a anthu ena, wina anganene kuti, si mantha. Ma antivayirasi amachenjeza mwiniwake wagalimotoyo nthawi yomweyo za ziwopsezo zomwe zingachitike, ngati zipezeka. Pankhaniyi, wosuta sayenera kukhazikitsa odana ndi HIV mapulogalamu yekha ndi kulipira njira imeneyi. ESET Drive Security imayikidwatu pagalimoto yokhala ndi chilolezo chazaka zisanu.
Kingston DT Vault Privacy 3.0 idapangidwa ndikulunjika makamaka kwa akatswiri a IT. Zimalola olamulira kuti azigwiritse ntchito ngati galimoto yoyimilira kapena kuwonjezera ngati gawo la njira yoyendetsera kayendetsedwe kake, ndipo angagwiritsidwenso ntchito kukonza kapena kukonzanso patali ndikusintha ndondomeko za chipangizo. Kingston adawonjezeranso USB 3.0, yomwe imakulolani kusamutsa deta yotetezeka mwachangu kwambiri kuposa USB 2.0.
Ponseponse, DT Vault Privacy 3.0 ndi njira yabwino kwambiri yamabizinesi ndi mabungwe omwe amafunikira kutetezedwa kwakukulu kwa deta yawo. Itha kulimbikitsidwanso kwa ogwiritsa ntchito onse omwe amagwiritsa ntchito makompyuta omwe ali pa intaneti.
Kuti mumve zambiri zazinthu za Kingston, lemberani .
Source: www.habr.com