IEEE 1667-2009

This project defines a standard protocol for secure authentication and creation of trust between a secure host and directly attached Transient and other Storage Devices, such as a Universal Serial Bus (USB) flash drive, portable hard drive, or cellular phone. The protocol has only an indirect relationship with data integrity/security, and does not directly address issues of authorization and enforcement. The protocol also does not address devices that are attached using a network connection. However, a device that uses a point-to- point wireless connection such as wireless USB may comply with this protocol.

Industry has witnessed explosive private and corporate growth in use of transient and externally attached storage devices. Although these devices often serve much the same functionality that floppy disks once did, the necessity of authentication (one and two way) on such devices has become paramount. Enterprises are now beginning to require authentication of devices before connection by a host is permitted. No standard way of accomplishing that authentication exists for these devices. This standard will act to ensure the security of the enterprise using these devices while allowing a continued robust market and a convenient method of transporting information for the user.

Revision Standard - Superseded. This project defines a standard protocol for secure authentication and creation of trust between a secure host and a directly attached Transient and other Storage Devices, such as a USB flash drive, portable hard drive, or cellular phone. The protocol has only an indirect relationship with data integrity/security, and does not directly address issues of authorization and enforcement. The protocol also does not address devices that are attached using a network connection. However, a device that uses a point-to-point wireless connection such as WUSB may comply with this protocol.