ERUCES Tricryption Engine

1
Protecting Information Storage Is Your Data
Secure?
ITAA Webcast, January 9, 2002
2
Defining and Solving the Data Security Dilemma

• Identifying Who is at Risk
• Understanding the Sources and Types of Threats
• Examining the Costs of Insecure Data
  Infrastructures
• Defining Data Security Requirements
• Common Approaches to Data Security
• Shifting Data Security Paradigm
• New Approach for Protecting Data Storage

3
Who is at risk?

• According to the 2001 Computer Security Institute
  (CSI) and Federal Bureau of Investigation (FBI)
  Computer Crime and Security Survey, eighty-five
  percent of companies and government agencies
  polled have detected computer security breaches
  within the past year.
• Study found cyber crime does not discriminate,
  but instead crosses all major sectors (e.g.
  Government, Financial, High-Tech,
  Telecommunications, Medical, Manufacturing, etc.)
  and touches all sizes of operations, from small
  businesses to national agencies to global
  enterprises.

4
Sources and Types of Threats

• 2001 Information Security Industry Survey reveals
  insider attacks occur more frequently than
  intruder attacks. Whereas data
  privacy/confidentiality was identified as the
  number one concern of security professionals,
  improving perimeter security to counter external
  threats remained their number one priority.
• CSI/FBI study shows rise in external threats, but
  cautions that insider threats are likely more
  costly. Security professionals list in order of
  likelihood disgruntled employees, independent
  hackers, U.S. competitors, foreign corporations
  and foreign governments as probable sources of
  attack.

5
Sources, Types of Threats Contd

• In a layoff economy, you are tempting fate with
  poor security. Company loyalty does not exist
  when companies do not reciprocate it. 2001
  Information Security Industry Survey respondent
• Reported Incidents Software companys network
  penetrated and application source code accessed
  government agencys classified information
  removed e-commerce sites credit card database
  stolen financial services companys customer
  transactions and account information compromised
  internet securities firm blackmailed by
  disgruntled insider.

6
Tangible Costs of Poor Data Security

• Theft of proprietary information cited as the
  greatest source of security-related financial
  loss, followed by financial fraud.
• Most costly single incident of theft of
  proprietary information reported in 2001 CSI/FBI
  survey cost the victim 50 Million.
• 700,000 cases of identity theft reported last
  year. Estimates put losses from credit card
  fraud at 9 billion for 2001.

7
Tangible Costs Contd

• Enacted federal privacy legislation requires
  company officers and employees to maintain
  reasonable and appropriate technical safeguards
  to insure integrity and confidentiality of
  personal information to protect against any
  reasonably anticipated threats or hazards to the
  security and integrity of information, or
  unauthorized uses or disclosures of the
  information.
• In the case of the Health Insurance Portability
  and Accountability Act (HIPAA, Public Law
  104-191), penalties for non-compliance due to
  willful neglect include fines of up to 50,000
  and 1 year in prison per violation. Congress is
  also considering the Financial Institution
  Privacy Protection Act, which would stiffen the
  Gramm-Leach-Bliley Act (GLB, Public Law 106-102)
  to make company officers and directors liable for
  up to 10,000 for each privacy violation.

8
Intangible Costs of Poor Data Security

• According to a recent ITAA survey, 74 of
  Americans polled fear their personal information
  could be stolen or misused via the Internet.
  Other indicators show many remain reluctant to
  conduct business online amid fears of identity
  theft and privacy invasion.
• Slower consumer adoption of e-commerce deprives
  companies of full benefit of cost savings
  associated with e-business.
• Publicized breaches often lead to tarnished
  corporate image/damaged brand integrity.
• Trade secrets in the hands of competitors could
  cost millions.
• Fallout from security breaches usually causes
  disruption of business processes for damage
  assessment and recovery.
• Compromised national security could put many
  lives in jeopardy.

9
Defining Data Security Requirements

• A comprehensive data security plan must do all of
  the following
• Protect sensitive data against both internal and
  external threats to data security
• Protect data at rest, not just data in transit
• Protect both online and removable/archival
  storage media

10
Common Approaches to Data Security

• Perimeter security partitioning of public and
  private networks involving network traffic
  firewall and/or demilitarized zone (DMZ) to
  counter external threats. According to CSI/FBI,
  firewalls are most widely deployed information
  security technology next to AV software (95 and
  98 respectively), yet external incidents rising.
  Does not address insider threat. Does not
  address removable storage security
  vulnerabilities.
• Transport security scrambling of data
  transmitted over a public network using
  transitive encryption such as Secure Sockets
  Layer (SSL), IPSec, S/MIME to avoid packet
  interception or eavesdropping, known as
  sniffing. Protects only data in transit, not
  data at rest the most prevalent state. Does
  not improve security for data stored online or on
  removable media. Does not address insider
  threat.

11
Common Approaches Contd

• Access Control CSI/FBI survey shows 90
  currently using access control technology, yet
  theft of proprietary information continuing
  unabated.
• Under many access control schemes, trusted
  insiders such as domain admins and DBAs have
  unrestrained access to data.
• About their recent study of host encryption
  options, Gartner Group stated E-business
  requires secure communications and secure
  databases even when the parties are using
  traditional mainframe-based systems. Sometimes
  access control is not enough.

12
Shifting Data Security Paradigm

• Increasingly, as front-end security measures
  reach near 100 deployment levels, the need to
  protect data residing on back-end systems is more
  apparent.
• Crown Jewels stored in files and databases --
  likely targets for data theft. When stored in
  clear text, data remains vulnerable to both
  intruders and trusted insiders (security is only
  as strong as the weakest link).
• SIIA e-Business Division Technology Working Group
  warns of dangers and weaknesses of egg shell
  security (hardened exterior, soft interior) and
  advocates securing stored data with encryption to
  provide the last crucial link in the security
  chain.

13
Shifting Paradigm Contd

• The issue is not if sensitive stored data should
  be encrypted, but how.
• In formulating a successful data storage
  encryption strategy, the plan must achieve the
  following
• Encrypt sensitive info in a file or database
• Secure, reliable and scalable key management
• Selective or granular encryption of sensitive
  data
• Solve the trusted insider problem
• Minimize Performance Impact

14
Shifting Paradigm Contd

• Disk Encryption
• Creates unnecessary performance overhead to
  encrypt and decrypt an entire disk when only
  portions of the data are sensitive.
• Typically only one key is used to protect an
  entire disk. Compromising that key would reveal
  too much information.

15
Shifting Paradigm Contd

• Stand-alone File Encryption, Encrypting File
  Systems
• Neither well-suited for encrypting information
  stored in a database, where much sensitive
  information is obviously stored. For
  performance reasons, it is impractical to
  needlessly encrypt and decrypt the entire db file
  (preferable to encrypt only sensitive fields).
  Also, encryption of entire db file requires only
  one key, which if compromised would again reveal
  too much information.
• Often have not solved the problem of trusted
  insider access (e.g. admin account can decrypt
  any file) or key management (how to store
  encryption keys so they can not be compromised).

16
Shifting Paradigm Contd

• Many Native and Third-Party Database Encryption
  Options
• Do not provide granular field level encryption or
  transaction based key management
• Use small fixed number of keys to encrypt entire
  columns -- again if a key is compromised, too
  much information is revealed, e.g. all stored
  credit card numbers or all social security
  numbers, etc.).
• Store encryption keys in the same database as the
  encrypted data (e.g. if someone walked off with a
  tape backup, they could have all they need to run
  a crypt-analytic attack).
• Do not prevent trusted insiders such as the DBA
  from viewing sensitive data
• Often platform-specific and therefore do not work
  on all database platforms
• Unable to encrypt files (meaning separate tools
  needed for file encryption and database
  encryption).

17
New Approach to Protecting Data Storage

• The ERUCES Tricryption Engine is a
  patent-pending encryption solution that secures
  sensitive data stored within a file or database.
  
• Employing standard algorithms along with
  innovative key management, Tricryption protects
  data from theft and tampering, ensuring data
  privacy and integrity.
• Tricryption eliminates both intruder and insider
  threats to data security.

18
Tricryption Methodology

• Encrypts individual files and fields, records or
  objects within a database using unique, variable
  lifetime keys
• Encrypts and stores the keys in a protected
  database in a separate domain, securely away from
  the encrypted data
• Encrypts the links between encrypted data and
  corresponding keys

19
Data Sample Before After
Hidden Links
20
Single-Key Privacy Solution

• Credit Card
• Password
• E-mail
• Bank Route
• Account
• Personal Data
• Monetary Information

21
Fixed-Key Privacy Solution

• Credit Card
• Password
• E-mail
• Bank Route
• Account
• Personal Data
• Monetary Information

22
ERUCES Tricryption Engine Solution
23
ERUCES Technology Path
No Encryption
Encryption
Insecurity
Most Common
Other
24
Tricryption Advantages

• Protected data and encrypted keys stored
  separately
• Unlimited number of keys based on transactions
  instead of single key or fixed number of keys
• Complexity of scrambling system increases with
  every transaction, adding to the impossibility of
  a successful crypt-analytic attack
• Even if info database and key database are
  stolen, protected data is useless outside of
  ERUCES system

25
Additional Security Features

• Standard crypto algorithms such as 3DES, AES, RC4
• Smart monitoring system with alerts
• Secure key audit log with reporting
• Validates integrity of encrypted data and keys
  during decryption
• Accepts requests from only registered and
  authenticated components
• Background digital certificates verification
• Local/Domain Certificate Authority (CA)

26
ERUCES Network Architecture
27
Tricryption Disaster Recovery

• Client agent supports up to four key server nodes
• Key server supports up to four key database nodes
• Key database can use vendors replication
  features
• 24 X 7 operations

28
Tricryption Performance

• Multi-processor capable
• Employs symmetric cryptography for superior
  performance
• Caches new and frequently used encrypted keys in
  memory for speedy retrieval, further enhancing
  overall system performance
• Business processes continue transparently

29
Encryption Recommended Practices

• Define enterprise-wide encryption policy
• Identify sensitive data that needs to be
  protected
• Avoiding encrypting data unnecessarily
• Encryption keys should be stored away from
  encrypted data
• Granular encryption combined with
  transaction-based key management is most secure
• Value of each key is the value of the data it
  protects
• Develop and test backup and recovery plan for
  encryption keys

30
Summary

• No sector is immune from attack. Organizations
  must assess their own risk and adopt appropriate
  countermeasures.
• Poor data security has high tangible and
  intangible costs.
• Organizations must protect themselves not only
  from external intrusion, but also from internal
  threats to data security.
• Compliment existing network security with
  specific measures to protect data storage.
• Encrypt sensitive information stored in a file or
  database.

31
Contact Information

• ERUCES, Inc.
• Data Storage Division
• 8835 Monrovia
• Lenexa, KS 66215
• athibault_at_eruces.com
• http//www.tricryption.com

32
Sources 2001 CSI/FBI Computer Crime and Security
Survey www.gocsi.com 2001 Information Security
Industry Survey www.infosecuritymag.com 2001 ITAA
Security Survey www.itaa.org Federal Trade
Commission www.ftc.gov Dept. of Health And Human
Services www.hhs.gov Red Siren www.redsiren.com G
artner Group www.gartner.com SIIA Electronic
Citadel White Paper www.siia.org