Java Solaris Communities Partners My Sun Sun Store

United States Worldwide

Contrarian Minds
»	Contrarian Minds Archive

The Security of Data at Rest

Ensuring that stored-and-stolen equals stolen-and-useless.

By Al Riske

08.Feb.06--The thing about disruptive technologies is that everyone talks about them but few people actually recognize one the first time they see it.

One of the few who does is Jim Hughes.

Five years ago he jumped on an opportunity to solve a problem most people didn't know they had.

So there was no market for the solution.

So his boss at the time wasn't really interested.

So two top competitors had already passed on the idea.

"I not only jumped on this thing, I jumped on the ceiling. I just jumped! And I said yes," Hughes recalls. "Since it didn't require a dime from my boss, I figured I had the authority."

Hughes, a Sun Fellow who joined the company with the recent acquisition of StorageTek, was in Washington, D.C., at the time. As he tells the story, there was "a small Norwegian company" looking for a U.S. partner so it could lobby Congress for funds to create a disk-drive encryptor.

"This was a no-brainer for me," he says. "The worst that could happen was that Congress would give us no money, and we'd be no worse for wear. The best that could happen was that Congress would give us some money, and then we'd have money and I wouldn't have to convince anyone that there was a business case."

Flash forward and you see the business case in the daily news.

New laws in various places require that, when a company loses the personal information of customers – when a tape, disk drive, or laptop is lost or stolen – the company has to let those customers know that their data may have fallen into the wrong hands.

"Five years ago people were looking at me, saying, 'What? Why? Who cares?'" Hughes says. "I saw the problem. I saw the opportunity."

The result?

"We, Sun, are now one of the first vendors to produce an encrypting tape drive, leading the market," he says. "It's called the Titanium tape drive."

"Five years ago people were looking at me, saying, 'What? Why? Who cares?' I saw the problem. I saw the opportunity."

Jim Hughes
Sun Fellow
Sun Microsystems

Once the funding was approved, the solution came together.

"It was a piece of hardware that went between the motherboard and the hard drive and could not be subverted," Hughes says.

And it was a relatively simple matter to work with the tape-drive engineering team to create a solution for the company's tape drives.

The problem with software solutions, he points out, is that every software process ends with an instruction that says branch equal/branch not equal.

"If it says branch equal and you change it to branch not equal, then every time you put in a wrong password you'd get in. Only when you put in your right password would you get Password Denied."

The problem with other hardware solutions, he says, is that they cost about $50,000 – a thousand times more than the new approach.

Some people say it's not an apples-to-apples comparison. Hughes says, "If an apple is $50,000 and an oranges is $50, I may choose to eat oranges."

Perhaps Hughes learned to recognize disruptive technologies because he once worked for a company that was devastated by one.

"Network Systems was doing 200-megabit-per-second networking in 1974, when everybody else was doing 9600 baud. Sun was founded in what, 1982? By 1984 or '85 Sun was becoming an issue for us," says Hughes, who had joined Network Systems in 1980.

"I remember our marketing VP asking me, 'What are we going to do about this Sun company? We charge $20,000 to hook a minicomputer up to our network. They charge nothing, because they put the network interface [Ethernet] on the motherboard. How do we compete with this?' The company took the stand that our networking was better, that Ethernet wouldn't work, that the comparison was apples to oranges. So everybody stopped eating apples and started eating oranges."

"Any smart person can design a complicated solution. It takes more than that to create a simple solution."

Jim Hughes
Sun Fellow
Sun Microsystems

Hughes concedes that developing disruptive technologies requires a tricky balancing act.

"If you wait for the market to arrive before you start, you're already too late. If you take a risk and build it and the market's not there, you've squandered resources," he says.

Hughes spends as much time as he can with customers to see what problems they're having and which are the most painful, but even customers can't always say exactly what they need.

He tells the story of a government customer that came to the executive briefing center at StorageTek (now Sun's Data Management Group) to talk about its needs. Afterward he had dinner with them and the conversation went something like this"

"Would you find an encrypting tape drive to be valuable?"

"Oh, heck, yes."

"Well, why didn't you tell that to the executives in the briefing center?"

"We have lots of problems, Jim. We didn't know you could solve that one."

In short, he says, "This matchmaking between products and problems is hard."

There are technical and political challenges and huge risks all along the way, but there's nothing Hughes would rather be doing.

"I wake up in the morning and ask myself, 'What do you want to do today?' This is it," he says. "I find Sun to be an incredibly stimulating environment."

Jim Hughes

Title: Sun Fellow

Job: Responsible for driving the technology behind a key aspect of Sun's data management strategy and architecture -- the security of data at rest.

Expertise: Networking, storage, cryptography, information security.

Claim to Fame: Recognizing, early on, the importance of encrypted storage.

Honors: Named "Innovator of the Year" by InfoWorld magazine in 2004 for his work on the advanced encryption technology standard P1619.

Quote: "Any smart person can design a complicated solution. It takes more than that to create a simple solution."

Background: More than 30 years of experience in the computer industry, including stints at Control Data, Network Systems, StorageTek, and now Sun Microsystems.

Education: One college course, two junior college courses.

Little-Known Fact: Has no college degree.

Patents: 11 issued, several more pending.

What He Wanted to be When He Grew Up: "This. I was programming computers in high school and it just stuck. To program a computer in 1970 was not a common thing, but it just came naturally to me."

Accomplishments: Did pioneering work in VPN Routers, gigabit encryption, and firewalling of ATM data networks. Designed some of the first 32-port Gigabit HIPPI switches for the switching of storage systems to high-performance supercomputers. Designed the cryptography in "The Security Router" and "Borderguard" -- one of the first successful VPN routers.

Affiliations: Senior member of IEEE. Chairs the IEEE P1619 Security in Storage workgroup and the IEEE-CS Technical Committee on Computer Elements.

Why He Does What He Does: "It's all about learning new things, and when you learn new things it helps you do the job."

Hobby: Flying airplanes.

Passion: New ideas.

Last Book Read: Core Java 2, Volumes 1 & 2. ("I hadn't used Java in eight years because at that time it didn't seem complete. The language seems absolutely beautiful now.")

Favorite Food: Yes.

Pet Peeve: People who don't realize how much they don't know.

Most-Admired Person: Alan Turing.

What Keeps Him up at Night: "How to make my research relevant to the rest of the company."

What's Next: "The Web is going to turn into a read-and-write resource. How is privacy going to happen? VPNs are not the answer. File encryption as it is practiced today is not the answer. So how do we make infinite and free storage, which is what the Web will be, usable and secure?"