
What types of media are Write Once Read Many (WORM) other than CD-R and DVD-R, say, something in the 100GB range?

Are there such devices?

What would it take to read them?

Are the devices like this that can do their one write, and all their reads through a common standard interface like USB?

Note: I cannot create tags yet, but I think that this question should be tagged as storage-medium, ROM, or something similar. Perhaps that tag should be created?

aef
soandos

2 Answers


I don't know of any other write-once media with storage in the 100GB range.

I can see two possible approaches to address your needs:

  • Build a secure system that provides append-only access to dedicated storage. You could build a custom, single-purpose system that has a collection of computers (running dedicated software) and dedicated storage (e.g., dedicated hard disks), which exists only for the purpose of providing high-capacity write-once storage. The software running on those machines could be entrusted with enforcing the append-only/write-once property. If you keep the software on those machines simple enough, and protect the system from attack, then you may be able to get some assurance that there is no way for an attacker to modify data that has already been written.

  • Use secure logging functionality. You may be able to store your bulk data on standard high-capacity media (e.g., hard disks, tape), and then keep a secure audit log of the data on write-once low-capacity media. If the audit log contains a hash of each large file written to the standard media, then this provides a way to detect (but not prevent) any modification/deletion/overwrite of the data stored on the high-capacity media. There are many sources for low-capacity write-once media, from line printers, to CD-R/DVD-R, to Sandisk's dedicated SD card with 1GB of write-once storage. See my answer elsewhere for more details.

I would also like to direct you to the following research paper, which I believe may be highly relevant to your needs:

  • Radu Sion, "Strong WORM", International Conference on Distributed Computing Systems (ICDCS 2008).
D.W.
  • With regard to the SD card, I seem to recall reading somewhere that if it has a hardware write-enable switch, then it just asks the OS to consider it read-only, but the OS can ignore the signal. I assume that this is not the case here? Also, this refers to a central location that is running only certified logic and hardware. Is there a way to do this on a portable basis? I would like to avoid having to set up a dedicated server for this. – soandos Dec 11 '11 at 02:13
  • 2
    @soandos, Many SD cards have a write-protect switch, but that's different. The Sandisk SD card I referenced is fundamentally different: it is designed exactly to provide write-once storage. Don't get the everyday write-protect switch confused with this particular Sandisk SD card. As far as doing this on a portable basis, no, if you follow the "Build a secure system" approach, it must be implemented on single-purpose trustworthy machines -- so where you implement it going to be based on what devices you can protect/trust. – D.W. Dec 11 '11 at 03:54
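The "secure logging" approach from the answer above, as an added example that is not part of the original answer or of the cited paper: the bulk files stay on ordinary high-capacity media, while a small hash-chained manifest (the part you would burn to CD-R or a write-once SD card) lets you later detect any overwrite or deletion. File names and contents are constructed for the demo; SHA-256 and the record layout are my own choices.

```python
import hashlib
import os
import tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def entry_hash(prev, name, digest):
    # Each record commits to its predecessor, so entries cannot be swapped or reordered silently.
    return hashlib.sha256(f"{prev}|{name}|{digest}".encode()).hexdigest()

def build_log(root):
    """Hash every file under root into an append-only, hash-chained log."""
    log, prev = [], "0" * 64
    for name in sorted(os.listdir(root)):
        digest = sha256_file(os.path.join(root, name))
        prev = entry_hash(prev, name, digest)
        log.append({"path": name, "sha256": digest, "entry_hash": prev})
    return log

def verify(root, log):
    """Replay the chain and re-hash the bulk media; return a list of findings."""
    findings, prev = [], "0" * 64
    for e in log:
        if e["entry_hash"] != entry_hash(prev, e["path"], e["sha256"]):
            findings.append(f"log tampered: {e['path']}")
        prev = e["entry_hash"]
        path = os.path.join(root, e["path"])
        if not os.path.exists(path):
            findings.append(f"deleted: {e['path']}")
        elif sha256_file(path) != e["sha256"]:
            findings.append(f"modified: {e['path']}")
    return findings

def demo():
    """Constructed sample: two files, then an overwrite and a deletion."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "a.img").write_bytes(b"disk image A")
        Path(root, "b.img").write_bytes(b"disk image B")
        log = build_log(root)  # this log is what goes onto the write-once medium
        clean = verify(root, log)
        Path(root, "a.img").write_bytes(b"disk image A, tampered")
        os.remove(os.path.join(root, "b.img"))
        return clean, verify(root, log)
```

As the answer notes, this detects but does not prevent tampering; files added to the bulk media after the log was written are not covered, so a new log entry is needed for each addition.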

Depending on your needs, you could use a standard SATA hard drive with a hardware write-blocker, e.g. bridge devices intended for use in computer forensics. For example, this device has three drive connections, each with a read-only/read-write switch. It's not strictly "write once", and magnetic media does suffer from the potential for damage. It won't work as a destination for streaming log messages, but it would work for applications where you plan on writing, say, a secure OS image and then forcing it to read-only so that rootkits can't persist across reboots. You can use the same scheme and avoid magnetic media reliability problems with a SATA SSD. Either approach would provide very high capacity. This strategy doesn't protect you from modification by someone with physical access (they can just flip the switch), but it does protect you from modification through online access.

bstpierre