Return to State of Data Taxonomy

Return to Top

Data-at-Rest refers to all data in computer storage. It excludes data while it is moving across or within a network and it excludes data that is temporarily residing in computer memory. Data-at-Rest refers to data that is actively being accessed within the computer storage, data that is archived (i.e., backups), or reference data that change rarely or never.

Here are some specific, traditional examples of Data-at-Rest:

• Data in a DIDO (i.e., Blockchain, Distributed Ledger Technology (DLT), Directed Acyclic Graph (DAG), etc.)
• Data on Servers
• Corporate data stored on the hard drives of local computers including Desktops, Notebooks, and Mobile Devices
• Data on an external backup medium including Archival Nodes
• Data stored on Storage Area Network (SAN) devices
• Data on offsite Cloud Storage service providers (i.e., Google, Dropbox, Apple, Microsoft, etc.)

Businesses, government agencies, and other institutions are concerned about the ever-present threat posed by hackers to data at rest. In order to keep data at rest from being accessed, stolen, or altered by unauthorized people, security measures such as data encryption and hierarchical password protection are commonly used. For some types of data, specific security measures are mandated by law.

Return to Top

Within DIDOs, the Data-At-Rest refers to data actually residing on the Nodes in the Blockchain, Distributed Ledger Technology (DLT), Directed Acyclic Graph (DAG), InterPlanetary File System (IPFS), etc. However, not all Nodes have the same data. For example, a Pruned Node has less data than an Archival Node. An Archival Node has more data than a Lightweight Node (Wallet). Regardless of the specific data or the quantity of data, once it is distributed onto the nodes it is classified as storage.

Within Ethereum, this data labeled Storage within Solidity and represents two 32 byte values. One representing the [dido:public:ra:xapend:xapend.a_glossary:k:key]] for the Storage, and the other representing the data value associated with the key. As a general rule, the key value is an address within the Node Network.

Within a DIDO, Data-At-Rest is generally physically available to anyone having access to the Node. Depending on the Network Access Control, the risk can vary. In a Private Network there is obviously less risk than there is a Public Network, however, this depends on the Securability of every Node in the Node Network.

It is best to assume there is

• No Physical Security - Unless the DIDO is completely locked down with a few well physically fortified Nodes, there is no Physical Security. If they are locked down, how distributed is the system?
• No Platform Security - DIDOs are all about the data and if anyone gains access to the machines there is no Platform security other than the encryption of the data. No matter what is done on the platform, the data can be accessed by other platforms that may be compromised.
• No Application Security - DIDOs are all about the data and if anyone gains access to the machines there is no Application security other than the encryption of the data. No matter what is within the application, the data can be accessed by other platforms that may be compromised.
• No Culture Security - Unless a DIDO is Permissioned and Private network, there is no way to rely on cultural security.