Information Assurance


PCI-GENERAL™ is designed to provide information assurance for the MySQL data, something a regular MySQL server simply can't provide. Here are some of the techniques used to achieve information assurance.

Trusted operating environment
Data security and assurance can only be achieved if every layer of the software and hardware can be trusted. The Security-GENERAL™ platform uses a transitive trust model in which data is secured by a stack of trusted components. Starting at the hardware layer, the BIOS verifies that the boot code has not been tampered with and then gives it control; the boot code, in turn, verifies that the kernel has not been modified (a frequent source of compromise by a malicious administrator with physical access to the disk). The kernel then finishes booting, validating each service and each application before it launches them. The main application therefore runs in a trusted system, where the owner knows that only Packet General-provided software is running. Depending on the underlying hardware, secure or authenticated booting guarantees that only the authentic operating system supplied by Packet General can run on the platform, preventing rogue administrators from loading their own kernel and bypassing access controls. The Packet General Security Token (PG-ST) is used as the “root of trust”.
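The transitive chain described above can be modelled as a small verifier. The following is an added illustration, not Packet General's firmware or kernel code: each stage carries the expected hashes of the components it launches, the first stage is vouched for by a hash standing in for the PG-ST root of trust, and control is refused at the first mismatch. Component names, images and the use of SHA-256 are constructed assumptions.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class Stage:
    """One component in the boot stack: its name, its code image, and the
    expected hashes of the components it is responsible for launching."""
    name: str
    image: bytes
    vouches_for: dict = field(default_factory=dict)  # next component -> sha256 hex


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for the genuine images; a real platform hashes the
# actual binaries on disk.
GOLDEN = {
    "bios": b"bios v1",
    "bootloader": b"bootloader v1",
    "kernel": b"kernel v1",
    "mysqld": b"mysqld v1",
    "auditd": b"auditd v1",
}

# Hypothetical value anchored in the security token: the hash of the first stage.
ROOT_OF_TRUST = digest(GOLDEN["bios"])


def build_stack(images: dict) -> list:
    """Assemble the stack in boot order. The expected hashes always come from
    the GOLDEN manifest, so a substituted image in `images` will not match."""
    bios = Stage("bios", images["bios"], {"bootloader": digest(GOLDEN["bootloader"])})
    boot = Stage("bootloader", images["bootloader"], {"kernel": digest(GOLDEN["kernel"])})
    kernel = Stage("kernel", images["kernel"], {
        "mysqld": digest(GOLDEN["mysqld"]),   # kernel validates each service...
        "auditd": digest(GOLDEN["auditd"]),   # ...and application before launch
    })
    return [bios, boot, kernel, Stage("mysqld", images["mysqld"]), Stage("auditd", images["auditd"])]


def verify_chain(root_hash: str, stages: list) -> list:
    """Walk the stack in boot order and return the names of the stages that
    were verified and launched. Only the root of trust vouches for the first
    stage; every later stage must be vouched for by one that already passed.
    The walk stops at the first component whose image does not match."""
    trusted = {stages[0].name: root_hash}
    launched = []
    for stage in stages:
        if trusted.get(stage.name) != digest(stage.image):
            break  # refuse to transfer control to an unverified component
        launched.append(stage.name)
        trusted.update(stage.vouches_for)
    return launched


if __name__ == "__main__":
    print("clean boot   :", verify_chain(ROOT_OF_TRUST, build_stack(GOLDEN)))
    tampered = dict(GOLDEN, kernel=b"kernel v1 with unauthorised patch")
    print("tampered boot:", verify_chain(ROOT_OF_TRUST, build_stack(tampered)))
```

Because the manifest lives with the verifying stage rather than with the component being verified, replacing the kernel image on disk leaves the bootloader's expected hash unchanged, and the boot stops before the modified kernel gains control.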

Protection against "privileged insider"
Misplaced trust in the privileged user (“root”) exposes a regular MySQL server to ever-increasing malicious activity. This is because the underlying operating system implicitly trusts the privileged user, which leads to many problems. For example, a malicious privileged user can view MySQL data. Moreover, the malicious privileged user can launch subtle attacks by changing MySQL data. Any record of such activity can easily be altered or deleted by the privileged user. This not only violates corporate trust but also results in regulatory non-compliance.

Misplaced trust in the privileged user (“root”) exposes application servers to the same ever-increasing malicious activity. The Security-GENERAL™ platform eliminates this critical flaw. A role-based access control mechanism is used to manage the Security-GENERAL™ platform: the “root” user is allowed to manage the platform in the normal manner, but the “root” user cannot see or alter the protected data.

FIPS 140-2 Level 2/3 compliant key management
The security of any cryptography-enabled system ultimately depends on the security of the cryptographic keys and certificates used. Key generation, storage, and/or distribution are always critical aspects of any distributed secure system. Security-GENERAL™ uses several cryptographic keys to provide a comprehensive solution. The encryption keys are stored in FIPS 140-2 Level 2/3 compliant smart-cards. The key management system is equipped to revoke or rotate keys.

Tamper-resistant audit reports
In order to provide extended auditing and monitoring capabilities, as well as to comply with regulatory requirements when necessary, Security-GENERAL™ logs all data accesses as well as network connections. Reports of varying degrees of detail are generated, time-stamped and cryptographically signed, so that they can be used as evidence and provide the legal admissibility of records in a court of law. The logs themselves are stored in a secure vault to provide non-repudiation. Security-GENERAL™ automates these reports in a manner that reduces compliance and audit costs.

Separation of duties
PCI-GENERAL™ uses role-based management in order to limit access to system components as well as to MySQL data files to only those individuals whose job requires such access.

Data integrity
A successful attacker can alter the data stored in a MySQL server, or alter the functionality of the MySQL server so that sensitive information is revealed. Users and administrators of the system remain unaware, since this is done without altering the expected behavior. PCI-GENERAL™ eliminates data tampering: it computes checksums before data is written to disk, and on each read request it verifies the integrity of the data by comparing the stored checksum values against freshly computed ones. These capabilities ensure data integrity.
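The write-then-verify path can be shown with a small store, added here as an illustration rather than PCI-GENERAL™'s own storage code. A checksum is recorded for every record on write and re-checked on read; the checksum is a keyed MAC whose key is assumed to come from the key-management layer rather than from the data files, so a party who can edit the files cannot simply recompute a matching value, and it is bound to the record identifier so that one valid record cannot be copied over another. Record ids, contents and the key are constructed.

```python
import hashlib
import hmac


class IntegrityError(Exception):
    """Raised when a record's stored checksum does not match its contents."""


class CheckedStore:
    """Key-value store standing in for table pages on disk. `pages` holds the
    raw record bytes and `checksums` the on-disk checksum table; both are left
    public so the example can simulate direct modification of the files."""

    def __init__(self, mac_key: bytes):
        self._key = mac_key          # assumed to live outside the data files
        self.pages: dict[str, bytes] = {}
        self.checksums: dict[str, str] = {}

    def _checksum(self, rid: str, data: bytes) -> str:
        # Bind the checksum to the record id so a genuine page cannot be
        # replayed under a different id; the NUL separator keeps id and data apart.
        return hmac.new(self._key, rid.encode() + b"\0" + data, hashlib.sha256).hexdigest()

    def write(self, rid: str, data: bytes) -> None:
        self.pages[rid] = bytes(data)
        self.checksums[rid] = self._checksum(rid, data)

    def read(self, rid: str) -> bytes:
        """Return the record only if its checksum still matches."""
        data = self.pages[rid]
        if not hmac.compare_digest(self.checksums[rid], self._checksum(rid, data)):
            raise IntegrityError(f"record {rid!r} failed integrity check")
        return data

    def audit(self) -> list:
        """Sorted ids of every record that would fail on read."""
        bad = []
        for rid in self.pages:
            try:
                self.read(rid)
            except IntegrityError:
                bad.append(rid)
        return sorted(bad)


def demo() -> dict:
    """Exercise the store against three constructed scenarios and report
    which ones the read path catches."""
    store = CheckedStore(b"constructed-integrity-key")
    store.write("acct:1001", b"balance=250.00")
    store.write("acct:1002", b"balance=10.00")
    clean = store.read("acct:1001") == b"balance=250.00" and store.audit() == []

    # Scenario 1: bytes changed directly in the file, checksum table untouched.
    store.pages["acct:1002"] = b"balance=99999.00"
    edited = store.audit() == ["acct:1002"]

    # Scenario 2: a genuine page copied over another record (replay).
    store.write("acct:1002", b"balance=10.00")          # restore a clean page first
    store.pages["acct:1002"] = store.pages["acct:1001"]
    store.checksums["acct:1002"] = store.checksums["acct:1001"]
    replayed = store.audit() == ["acct:1002"]

    # Scenario 3: attacker recomputes a plain unkeyed hash; it is not accepted
    # because the store expects a MAC under a key the attacker does not hold.
    store.write("acct:1002", b"balance=10.00")
    store.pages["acct:1002"] = b"balance=99999.00"
    store.checksums["acct:1002"] = hashlib.sha256(b"balance=99999.00").hexdigest()
    forged = store.audit() == ["acct:1002"]

    return {"clean": clean, "edited_detected": edited,
            "replay_detected": replayed, "unkeyed_forgery_detected": forged}


if __name__ == "__main__":
    print(demo())
```

The third scenario is the reason the checksum is keyed: an unkeyed checksum protects against accidental corruption but not against someone who can rewrite the checksum table along with the data, which is exactly the privileged-insider case the rest of this page is concerned with.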