USB Flash Drives: Protecting Data And Enhancing Storage Steffen Hellmold VP and General Manager UFD BU Lexar

Presentation Outline History of UFD standardization User’s security value metrics Advantages of standard security solutions Evolution of the UFD – a vision USB Lockable Storage Device specification Compelling technology design considerations Future Lexar technologies Demo Call to action Additional resources

History Of Lexar’s UFD Standardization Efforts At WinHEC 2003 four aspects of USB flash drives requiring additional standardization were identified New category name for USB Flash Drive (UFD) UFDA founded end of 2003, initially focused on establishing category name and educate consumers about UFDs Physical Form Factor for USB Flash Drive USB-IF approved the Series ‘A’ Plug form factor Guideline 1.0 – 2005 Bootability support for USB Flash Drives Windows Vista “Core System” logo certification requirement (Consumer and Business SKUs) Security for USB Flash Drives

Easy to Use Low CostHighly Secure Solution User’s Security Value Metrics

Advantages Of Standard Security Solutions No need to exploit “Windows XP backdoors” and use spoofing to launch password systems software Seamless integration into Windows Avoiding legacy issues Don’t need to use Vendor unique commands limiting the solutions to specific hardware One UFD

Evolution Of The UFD – A Vision Past In the beginning, USB Flash Drives (UFDs) enabled their users to take their data with them everywhere Present Then, USB Flash Drive manufactures created small, stand-alone, proprietary applications which could be run from the UFDs Today, Portable Working Environments enable us to install and run a wide variety of programs from our UFDs Future My data → my data and apps → my data and apps and OS

UFDs: Protecting Data And Enhancing Storage Martin Furuhjelm Design Manager Enterprise and OEM Products Lexar

USB Lockable Storage Purpose USB-IF Implementers Forum international standard-royalty free Extend USB Mass Storage Class to allow hosts and devices to lock and unlock storage, without breaking legacy behaviors that exists today Key Scenarios Protect for loss/theft Ensure privacy of data

What Is USB Lockable Storage? Legacy / Impersonal Mode

USB Locking User Experience Plug-in Successful Passphrase

USB Lockable Storage Feature Negotiation Feature negotiation No impact on legacy systems Lockable Storage Interface Extension Descriptor (LSIED) USB parser already knows how to handle Extension Descriptors from HID devices Allows future features to be added

USB Lockable Storage Command Set Nine new USB commands specified Store, match, and change Passphrase Erase Passphrase (return to Impersonal) Electronic unplug Originally used to update firmware Now we change PIDs to unlock

Compelling Technology Design Considerations Personal storage device environment Integrating support into the Windows Storage Stack PC OEM and Enterprise concerns Value add opportunities Reusable architecture

The Personal Storage Device Environment Legacy OS New OS 1998 – 2005 Legacy “MSC Device” 2006 – 20xx New “Personal Storage Device”

Window’s USB Stack Changes A new Device Class Requires additional driver for locked devices Launches Windows “Found New Hardware” experience if locked and no driver When device is unlocked we switch back to USBSTOR.SYS USBSTOR.SYS Standard Windows driver for USB mass storage

USB.SYS Hardware Device User Application Vendor Unique USB.SYS User Lexar’s PSD-Lock™ USBSTOR.SYS Locked Device driver Window’s USB Stack Changes Provided by Microsoft ISV IHV USB.SYS Std. Device User Application USBSTOR.SYS Lexar Windows Inbox

Technology Benefits Open architecture High percentage of end-user lost/theft scenarios addressed No additional system/device overhead Enables features for all markets Consumer level locking without additional cost Extensible architecture for more complex locking policies No licensing fees

Added Value Opportunities Easy to Use Low Cost Highly Secure USB Lockable Storage Password strength protection mechanisms Biometrics Add HW Encryption Integrate into Centrally Managed software Harden saved passwords in Windows Continued standards activity Built-in Windows Shell support Continued standards activity PC Industry adoption Continued standards activity Built-in Windows driver support

USB Lockable Storage Pat LaVarre Design Engineer OEM Products

Future Lexar Technologies

Solutions For A Reusable Architecture Locking other USB “Things” Discourage theft Authentication Device to Host Host to Device Fixing USB flash card readers Which drive did I insert my media into?

Call To Action OEMs, ODMs, IHVs, and ISVs Support USB Lockable Storage Send feedback to Microsoft at Microsoft Provide Windows logo requirements for USB Lockable Storage Provide inbox support for USB Lockable Storage in Windows Vista microsoft.com

Additional Resources Web Resources Join USB-IF Authentication IEEE TCG Microsoft Windows Logo Program Lexar White Papers USB Flash Drives to revolutionize Removable Storage in Personal Computing Related Sessions Session name: Personal Storage: Opportunities and Challenges for Pocket-Sized Storage Devices in the Windows World alias lexar.com lexar.com

© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.