Build a Mini-ITX Data Vault with Hardware-Based Data Encryption

Advances in threat-detection and data encryption have created a demand for software firms like WinMagic and Cypherix, whose packages can protect individual files or entire disks. You can even encrypt folders under Window XP, but there are costs associated with these solutions when it comes to performance. Specifically, if your CPU is tied up encrypting and decrypting files, it has less time to work on instructions associated with your applications. The result—at least on busy systems—is slow response times, often accompanied by the dreaded hourglass icon.

The solution? Pick and use components with hardware-based data encryption. By working with these components, you'll get a data vault with better performance—and save money, too.

In this Recipe, I'll show you how to beat the performance and cost of software data encryption by building with slick, powerful components that feature breakthrough hardware-based encryption technology.

Further, with this sleek mini-ITX data vault, you can lock up critical data in a tiny package. Best of all, your clients won't see decreased performance from data encryption. That's mainly because, unlike popular software encryption techniques, the complex encryption and decryption algorithms are built right into the mini-ITX mainboard.

id
unit-1659132512259
type
Sponsored post

At the heart of our data vault is a 6.7-inch x 6.7-inch mainboard that holds the usual complement of motherboard components—CPU, memory, and bus architecture—in a tight little package. It also packs a collection of low-level software routines written specifically to do some serious data encryption. These routines serve the same purpose as a software encryption package, but run much more efficiently, as they don't require loading or translation into hardware instructions.

We'll also equip our little data vault with an affordable (about $50) biometric security device built into the mouse that uses fingerprints to check who is at the keyboard. This will also help your customer manage passwords without having to write them down. This device uses Trueprint technology (more on this later) to read the ridges below the outer layers of a person's skin for foolproof fingerprint identification. That's a whole lot of security in a small and stylish package. Best of all, it's inexpensive.

For system builders who'd like to add hardware-based encryption to their client's existing systems, I'm also including an inventive, military-grade encryption add-on disk system. The result is a system that deters unauthorized users, as it requires an actual hardware key. By deploying this terrific security feature, your clients can easily slip the encrypted disk out of the PC for transport or safe storage.

The Big Picture on Mini-ITX

Mini-ITX's ultra-compact mainboard form-factor was developed by VIA Technologies, a Taiwanese company known for its mini-ITX innovation and manufacturing. The highly integrated features of mini-ITX mainboards from VIA and Phylon (to name but two) are ideal for building information and entertainment systems that are powerful, quiet, and small.

Protected by cases that are both ergonomic and innovative, mini-ITX mainboards can be used to build powerful, compatible PCs with a vastly reduced size. (For example, they're about two-thirds smaller than the FlexATX motherboard, the smallest of the ATX family.) These boards also pack all the punch of a full-sized PC, while running far cooler and more quietly. In short, these features have made mini-ITX solutions the most popular choice for embedded applications and appliance computing—anywhere space is an issue. (For more on mini-ITX, see the Resources section at the end of this Recipe.)

The Pros and Cons of Implementing a Mini-ITX Solution

Here's a brief summary of the highlights of working with a mini-ITX:

On the flip side, here are a few limitations you should consider before implementing a mini-ITX solution:

Ingredients: Data Vault Hardware

Here's what's required on the hardware side in creating a mini-ITX data vault. We'll take a look at our choices for components for our compact data vault and why these parts are a good fit for this Recipe. But before we start, take a look at the following illustration. It shows the relative size of our compact data vault and how its key components fit together:

Here are the hardware components I recommend:

Ingredients: Data Vault Software

And here's the software involved for our data vault project:

Hardware Assembly for the Mini-ITX

Assembling a mini-ITX box follows all the same principles as a standard ATX PC build, but requires special attention to space and some different-looking parts. For example, while mini-ITX mainboards may support a PCI card, most cases are styled too flat to support the card's full height. To address this issue, cases come with a horizontal riser to reorient the card horizontally. It's clear that most mini-ITX cases are built to take full advantage of the small format to present a correspondingly small footprint. This means that, as with PCI cards, components like media drives are frequently located directly over each other and perhaps the mainboard as well. This presents a dense configuration of parts and close quarters in which to work. The end result, however, yields a powerful, compatible system in a small and stylish package that looks and works great.

Mini-ITX is cool and quiet. One interesting difference from standard ATX formats is that mini-ITX components are designed to run cool. Unless you have a special application—for example, constant drive access or limited access to outside airflow—systems can run with either minimum cooling or, in many cases, no fan at all!

Now let's move on to the 13 steps for assembling our mini-ITX data vault. But first, prior to beginning assembly, download VIA's detailed product manual, as only "Quick Start" directions come packaged with VIA's mainboard. Once you have the manual, dig in:

Software Installation for the Mini-ITX Data Vault

After loading Windows XP Professional, you should download and install VIA's StrongBox application. Your clients can use StrongBox to create virtual disks of various sizes for use with their favorite applications. Here are the two steps for downloading and installing VIA's StrongBox utility:

And here are the four steps toward creating a virtual disk with encryption:

Here are five steps to installing the APC biometric mouse BioM34's software and password management utilities:

From the software's system tray icon, you can manage users, enroll new fingers, and change settings. Biometric Mouse Password Manager enables mouse usage, password management, wave-file audio prompts, and even some powerful software file encryption. Using the Biometric Mouse and the Encrypted Data StrongBox

Once restarted, the Windows logon screen will appear, along with a new Logon User Authentication screen. You can either enter a username and password as normal, or simply place your finger on the sensor and drive ring of the BioM34 mouse. Upon proper authentication, the BioM34 will automatically fill in the logon screen and log you onto the computer. BioM34 also supports Window's Fast User Switching, so a new person authenticating for using the PC will immediately get their personal settings and desktop with a touch of their finger the mouse.

The StrongBox virtual drive you configured earlier will now appear under My Computer as a green folder with a gold-colored padLock. This icon is shown as locked when the drive is locked or unlocked when the password has been correctly entered.

Right-click on the drive, and choose unlock to enter your password and unlock the drive, as depicted here:

StrongBox automatically locks the virtual drive any time the PC is shut down or restarts. Additional StrongBox drives can be easily added and maintained using the StrongBox Control Center, which is shown in this next screenshot:

You can also choose to have your StrongBox automatically lock up client's data when a screensaver is activated.

Adding Hardware-based Encryption to Existing Systems

If you're not sold on the power built into VIA's mini-ITX mainboards—or if you need transport encrypted disks, or you wish to add hardware-based encryption to your existing ATX designs—then a unique product called Saturn Cipher Hard Drive Kit may well be the solution.

Designed by Addonics, the <"http://www.addonics.com/products/cipher/">Saturn Cipher kit offers an external or removable drive with hardware based 64-bit DES/TDES or 128-bit DES/TDES full disk encryption. Addonics says a 192-bit version is on the way, too. The Cipher drive is shown here:

At the heart of this product's data encryption is Enova's ASIC security technology. As with VIA's on-board encryption engine, data is encrypted and decrypted on-the-fly without taking any CPU resources. But the major difference is that Addonics' encryption is based on a hardware "key." Each Saturn Cipher kit comes with a set of unique hardware keys, similar to the ones you might use to start your car or open your front door. Using a hardware key to lock or unlock a drive adds a layer of physical security to your client's data.

Another benefit of the Saturn Cipher kit is that it allows the system builder to use any hard disk without relying on a particular disk manufacturer for encryption technology. Also, some clients might prefer a hardware key solution; it is simple to deploy, requiring little or no training, no software to install, and no password to remember. These benefits could be especially important in organizations that use multi-platform computing.

The Saturn Cipher kit works with SATA, IDE or even 2.5-inch IDE hard drives&#8212;and it's easy to deploy and implement. By the way, if your client has already invested in the regular Saturn drive kit, you can add the Saturn Cipher encryption solution by simply purchasing the Saturn Cipher drive enclosure. The only difference in using a Saturn Cipher enclosure is the addition of the encryption key.

SIDEBAR: Learn More About Mini-ITX

If you'd like to do some reading about working with the mini-ITX, here are some useful resources from around the Web:

ANDY MCDONOUGH, a regular contributor to TechBuilder.org, is a professional musician, composer, voice actor, engineer, and educator happily freelancing in New Jersey.