Innovation


A new type of secure platform for deployment of mission-critical applications
Data storage security has become a critical issue for private enterprises and public organizations, as well as governments. Managing and securing customer and user data is a growing concern for Information Technology (IT) departments, especially when operating under the current regulatory requirements. To address these concerns, companies must embrace new solutions that do not interfere with their normal operations. The usual approach to these problems is to use a commercial off-the-shelf (“COTS”) environment with an encrypted file system or disk. Such ad hoc approaches do not fully address the need for data security; decoupling the application from the underlying security mechanisms, securing a general-purpose operating system, and awkward management interfaces are all major hurdles. Security-GENERAL™ is the industry’s first cryptographic application appliance. Our technology is built from the ground up to permit the secure deployment of mission-critical applications. The appliance is tightly coupled to the application, enabling a customized solution tailored to the needs of the enterprise.

Why an appliance?
The purpose of the appliance is to protect the data at the source. The appliance contains the application and the secure operating system, along with the cryptographic layer to secure data throughout its lifetime. This model offers much stronger guarantees than a piecemeal architecture that relies on multiple, disjointed components.

Trust
Data security and assurance can only be achieved if every layer of the software and hardware can be trusted. Security-GENERAL™, a cryptographic appliance, utilizes a transitive trust model in which data is secured using a stack of trusted components. To make sure that we start from a pristine state, our soft appliance is installed on a bare-metal machine. During normal operations, our smartcard-based hardware tokens (the root of trust) ensure that the appliance starts from a secure, authenticated state.

Transparency
Encryption and decryption are completely transparent to both the application and the client and require no changes to the application or the data structures. All normal interactions between the application, authorized remote administrators, and clients are controlled by the application (MySQL, for example). Security-GENERAL™ simply empowers the application’s access-control mechanisms to operate as they were intended to, by providing a secure environment in which the application can run.

Strong Data Encryption Algorithm
In 2000 NIST introduced the Advanced Encryption Standard (AES). The AES algorithm can use key lengths of 128, 192 or 256 bits. Security-GENERAL™ uses a key length of 256 bits, the longest key length possible. In general, the longer the key, the harder it is to decipher the data without it. Security-GENERAL™ protects all application data with AES-256 encryption. All data is stored in encrypted form, including data stored on external storage devices and backup tapes. Encryption and decryption are completely transparent to both the application and the management programs and require no changes to the application or the data.

Access-Control
For increased security, the appliance implements strong access control. Every operation invoked is checked to make sure that the initiator possesses sufficient privileges. Furthermore, there is strong role separation to ensure that rogue administrators do not compromise the security of the appliance.

Key Management
Cryptographic keys used to encrypt data are not stored on the Security-GENERAL™ appliance's disk; to do so would render encryption useless. Keys are split into "shares", with one share stored on a FIPS 140-1 level 2 & 3 compliant smart-card (with EAL5/EAL5+ chip and EAL4+ operating system), and the other stored on the actual appliance. Federal Information Processing Standard (FIPS) 140-2, titled “Security Requirements for Cryptographic Modules”, was signed on 22nd June 2001, superseding FIPS 140-1. The Standard sets requirements for cryptographic modules to be used in sensitive but non-classified government systems.
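
As an added illustration of the two-share arrangement described above (not Security-GENERAL™ code; the page does not say which splitting scheme the product uses), the sketch below assumes a 2-of-2 XOR split of an AES-256 key. The key check value and all function names are hypothetical, added so that a wrong or corrupted share is rejected when the shares are recombined.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # AES-256 key size in bytes


def _check_value(key: bytes) -> bytes:
    """Short key check value (assumption): detects a bad share on recombination."""
    return hmac.new(key, b"key-check", hashlib.sha256).digest()[:8]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes):
    """Split a key into a smart-card share and an appliance share (2-of-2 XOR)."""
    if len(key) != KEY_LEN:
        raise ValueError("expected a 256-bit key")
    # The card share is uniformly random, so on its own it carries no
    # information about the key; the same holds for the appliance share.
    card_share = secrets.token_bytes(KEY_LEN)
    appliance_share = _xor(key, card_share)
    return card_share, appliance_share, _check_value(key)


def combine_shares(card_share: bytes, appliance_share: bytes, check: bytes) -> bytes:
    """Rebuild the key from both shares; refuse if the result fails the check."""
    if len(card_share) != KEY_LEN or len(appliance_share) != KEY_LEN:
        raise ValueError("share has wrong length")
    key = _xor(card_share, appliance_share)
    if not hmac.compare_digest(_check_value(key), check):
        raise ValueError("shares do not reconstruct the original key")
    return key


if __name__ == "__main__":
    data_key = secrets.token_bytes(KEY_LEN)  # constructed sample key
    card, appliance, kcv = split_key(data_key)
    assert combine_shares(card, appliance, kcv) == data_key
    print("key recovered only when both shares are present")
```

With this split, an attacker who copies only the appliance disk holds a share that is statistically independent of the key; the smart-card share is required to reconstruct it.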

Cryptographically Signed Reports
Security-GENERAL™ securely logs all administrative activity – and provides a variety of periodic auditing reports. Reports are available in monthly format, and are e-mailed to specified administrators. In addition, reports may be e-mailed to an Auditor (the auditor has no administrative rights other than to receive the monthly reports). All reports are signed cryptographically to ensure that they cannot be tampered with after creation, and duplicate copies are stored at a secure location for later retrieval.

Security Patch Management
Automatic updates ensure that our appliances are always running the latest and most secure version of the code. Packet General security experts monitor all security advisories, and test their suggested resolutions (patches) before directing our appliances, located at the customer site, to securely and automatically download the necessary updates. A single-click implementation enables a quick and assured resolution to a known security problem, eliminating the window of vulnerability between the availability and the installation of a security patch.

Encrypted Backups
Security-GENERAL™ obviates the need for special-purpose encrypting backup devices. The backup files are transparently encrypted and stored on a remote Linux/Unix machine. This enables the enterprise backup utility to continue to operate without any disruption. Proper care is taken to make sure that the keys used to generate the encrypted backups are available in an emergency.