Enhanced Storage Architecture Jim Bovee, Scott Lee Senior SDE, Senior SDE Devices & Storage Technologies Jim.Bovee@microsoft.com, scolee@microsoft.com
Agenda What Is Enhanced Storage? Enhanced Storage Architecture Enhanced Storage Extensibilities Guidance and Resources
What Is Enhanced Storage?
What Is Enhanced Storage? New platform for storage hardware enhancements. Bus and protocol agnostic. Extensible to support proprietary hardware.
Key Enhanced Storage Features Native Windows experience for certificate- and password- protected USB storage devices. Infrastructure to discover and support proprietary hardware enhancements either through a driver or user-mode API.
Enhanced Storage Architecture
Enhanced Storage Architecture Microsoft Applications 3rd party Applications Application to System Channel Interface Layer (APIs, IOCTLs, UMDF Drivers) 3rd party Extensions Abstraction Layer Transport Layer (Standard Protocols) e.g. IEEE 1667 System to Device Channel Storage Device (Hardware and Firmware) e.g. USB drive firmware
3rd Party Vertical Application Enhanced Storage Architecture Enhanced Storage Shell Extension ISV Application 3rd Party Vertical Application Enhanced Storage APIs Process Boundary IEEE 1667 Silo Drivers Password Silo, Certificate Silo 3rd Party Silo Drivers UMDF Kernel Boundary Kernel Storage Stack Bus Drivers (i.e. usbstor) Host Boundary Device Firmware Vendor Silos Standard Silos
IEEE 1667 Overview Storage Model ACT (Addressable Command Target) Mapping to SCSI means LUN = ACT ACT must minimally have a probe silo Probe Silo Password Silo Certificate Silo Other Silos User Data Area Silo Model is extensible Capabilities Discovery Capabilities Extensibility
IEEE 1667 Silo Support Roadmap Probe Password Certificate Proposed Silo X Proposed Silo Y Vista , Windows 7 Future
Enhanced Storage Extensibilities
Enhanced Storage Extensibilities Extend by defining a new IEEE 1667 silo. Provide device experience with bundled software. Communicate to device through silo driver or raw command API. Can participate in Enhanced Storage authorization process and expose device-specific features in My Computer.
Advantages of Silo Driver vs. Raw Command Raw Command API Access and transaction control. Rudimentary enforcement. Participate in authorization and UI. No participation in authorization and UI. Context menu action verbs in My Computer No context menu action verbs in My Computer Translation/validation layer. Raw commands sent directly to device. Recommendation: Use Silo Driver approach for best Windows experience
Extensibility Example – USB Digital Clock with Storage Digital Clock features Set alarm Display time Query when the time or alarm was last set
Extensible Silo Development Process Choose a provisional Silo Type Identifier (STID) for initial development. Define the commands, payloads, status code, etc. Implement hardware prototype. Decide on Windows support for the silo based on desired user experience. Raw Silo Command Silo Driver Implement Windows host support Contact 1667 Working Group for an official STID.
Enhanced Storage – Example UI
Enhanced Storage – Example UI
Enhanced Storage – Example UI
Enhanced Storage – Example UI
Guidance and Resources
Hardware Design Guidance Enhanced Storage device discovery process requirements SCSI inquiry INC_512 support Silo authorization requirements Assumes authentication is equivalent to authorization Read access to logical block address (LBA) in Not Provisioned state
Call to Action Develop and submit hardware for validation. Evaluate IEEE 1667 and use this protocol to implement hardware enhancements.
Resources Enhanced Storage Program Provide early access to binaries and tools. Email: enh_stor@microsoft.com IEEE 1667 http://www.ieee1667.com 1667stor@microsoft.com
Related Sessions Session Day / Time Enhanced Storage Device and Application Development Tues. 9:45-10:45 and Wed. 2:45-3:45 IEEE 1667 Password Silo Tues. 1:30-2:30 and Wed. 11-12 IEEE 1667 Certificate Silo Tues. 2:45-3:45 and Wed. 1:30-2:30
Questions?
Appendix
Enhanced Storage V1 Scenarios Description Vista Next Release of Windows IHV Customized Device Application Extensibility Extensible infrastructure for internal and external partners to grow and build device experiences within Windows. Full support Protecting USB-attached Storage with Password Authentication A standard password allow/restrict access experience that is native to Windows for USB flash drives and USB external storage. Password based authentication experience using shell extension Protecting USB-attached Storage with Certificate Authentication Allow/restrict access capability based on certificates, such as domain/user account information. Certificate based authentication experience using shell extension, APIs for Provisioning Group Policy support and provisioning tools. Group Policies and Device Management (detail instead of category) Enabling enterprises to configure and secure devices to work seamlessly in their corporate environment, but are secure when taken outside. Group Policies for Certificates, Password, and Device ID.