SlideShare a Scribd company logo

Attributable Networks - Guardtime Whitepaper

Martin Ruubel
Martin Ruubel
1 of 12
Download to read offline
Page 2 of 5Guardtime KSI | Attributable Networks Attributable Networks Truth, not Trust www.guardtime.com
Guardtime and KSI KSI Technology Primer Why Is Attribution Important? Contrasting KSI The Target Case Contents 3 5 7 9 11
Page 2 of 5Guardtime KSI | Attributable Networks Definition: ‘attribution’ means that the digital assets and network components can be tagged, tracked, located, and subsequently authenticated, in real-time, at scale. Guardtime’s KSI technology serves as a proactive Information- and Software Assurance, Insider Threat, and Advanced Persistent Threat detection capability. KSI technology is in use today across a variety of United States and European Union eGovernment and federal agency platforms. Guardtime and KSI Guardtime is an Information and Software Assurance com- pany to offer the world’s first massively scalable real-time authentication and integrity solution for any type of digital asset. With Guardtime’s Keyless Signature Infrastructure (KSI) technology, the realization of ‘truly attributable’ net- works is possible, where digital assets and their prove- nance can be authenticated in real-time, anywhere in the world, independent of the service provider. KSI signatures are portable, literally becoming part of the digital asset, and are used to provide proof of time, identity, and authenticity. This proof affords the consumer, service provider, or data broker to finally trust the provenance and integrity of any network interactions, as well as the digital assets they are managing and/or consuming. Guardtime’s KSI technology is used across a variety of United States and European Union e-government and fed- eral agency platforms to authenticate and validate import- ant digital and M2M assets in real-time and regardless of scale; verifying their authenticity, time, chain-of-custody and associated interactions. Guardtime KSI serves as a pro- active Information and Software Assurance, Insider Threat, and Advanced Persistent Threat detection capability. Guardtime’s definition of an Attributable Network: Attribu- tion means that the properties of important digital assets (trade secret, proprietary information, etc.) and network component software and/or firmware for assets like rout- ers, switches, applications, virtual machines, configuration information, audit and event log systems, and associated network services can be tagged, tracked, located, and subsequently authenticated. 1 2 3 Summary
Guardtime KSI | Attributable Networks Page 3 of 5 KSI Technology Primer The information derived from a KSI signature means the asset’s chain-of-custody information, creation time, and authenticity information remains undisputable and can be subsequently trusted and verified without trusting or solely relying upon an administrator or a secret (such as a key or PKI credential). Instead, KSI uses a ‘proof-based’ method to accomplish authentication and our forensic evidence is portable across any Cloud Service Provider or Enterprise network. Forensically, KSI signatures are based on mathematical proofs and keyless cryptographic functions approved by the EU and the US National Institute of Standards (NIST). These proofs and functions will withstand exploitation even with advances in quantum computing meaning that assets signed by KSI will have proof information retained over the lifetime of the asset. The forensic evidence of the signa- tures makes legal indemnification issues easy to resolve; highlighting who, what, where, and when a digital asset was touched, modified, created, or transmitted. This evi- dence holds up in a court of law. Literally any digital asset can be signed with Guardtime KSI and access (to the underlying data the signatures are protecting) is not necessary to determine if there is an integrity loss or compromise. An organization’s Network Operations Center (NOC) or Security Operations Center (SOC) can simply adjudicate and trace any changes to signatures to determine the integrity state of their network or important archives via automated (or manual) reporting, analysis, and visualization (dashboards). This concept and infrastructure does not rely on cryp- tographic secrets or credentials that can be compromised, nor does KSI rely on trusting administrators. The signature information afforded by Guardtime KSI can be used in fact to preserve and verify administration/user activities, behav- iors, and interactions across the network. KSI signatures are based on mathematical proofs and keyless cryptographic functions approved by the EU and the US National Institute of Standards (NIST). KSI does not rely on cryptographic secrets or credentials that can be compromised, nor does KSI rely on trusting administrators. The forensic evidence of the KSI signatures makes legal indemnification issues easy to resolve, highlighting who, what, where, and when a digital asset was touched, modified, created, or transmitted. The information afforded by KSI holds up in a court of law. IoT primer 4 5 6 7 Summary
Guardtime KSI | Attributable Networks Page 4 of 5 Why is Attribution Important? Fundamentally, the signatures generated by Guardtime KSI baseline the state of your important digital assets – Guardtime calls this concept ‘Clean State Proof’, high- lighting their authenticity, time, and identity. This proof information can then be sent and escrowed (aggregated) across the network enterprise or across service providers without disclosing the underlying contents of the data the signatures protect. By collecting, analyzing, correlating and reporting this ev- idence one can build a real-time integrity picture of the network and/or important digital repositories and archives. With this real-time awareness regarding the integrity state of important digital asset components, organizations seeking to protect the integrity of their network can make real-time decisions in the event that the network and/or asset is compromised and quickly identify the cause and specific component(s) responsible for the loss of integrity. Subsequently, with this real-time awareness, real-time incident response, real-time data-loss prevention, inves- tigation, and/or network resilience is now possible to de- tect and react to any misconfiguration, network and/or component/application failure. Moreover, KSI directly supports enhanced continuity of operations, data loss prevention (due to theft or ma- liciousness), and is a new form of Advanced Persistent Threat (APT) detection when malware infects a crucial network or system component. The changed state of the asset provides a real-time alert, which can then be inves- tigated, audited, and/or behavior stopped. If an asset is affected by malware, the signature information changes, the asset can be ‘sandboxed’ or firewalled before further infection or transfer. Organizations can build a real-time integrity picture of the network and/or important digital repositories and archives. KSI instrumented attributable networks enables discovery and real-time decisions in the event that the network and/or asset is compromised. 8 9 Summary
Guardtime KSI | Attributable Networks Page 5 of 5 Contrasting KSI There are no competitive technologies like Guardtime KSI. Until Guardtime, there was no way to instrument the net- work at the scale required to track the state and status of the hundreds of thousands, millions, or even billions of organizational assets contained across a large enterprise environment and constrain their activities. Guardtime KSI signatures can work at Exabyte scale and have minimal impact to network overhead for signing, escrow, and veri- fying operations. Organizational ICT environments today may span mul- tiple service or cloud providers. For example: with the advent of cloud computing a new technology needed to be developed that worked at scale, with portable evidence, and needed to move the trust anchor from the administrator or cryptographic secret to an immutable proof (proof that does not change or can be tampered with). Guardtime KSI provides this proof with the context of time, integrity, and identity information for the assets being signed and monitored. In contrast to Guardtime KSI, traditional digital signature technologies and credential-based signature technologies (such as PKI) DO NOT work well at scale, and ultimately rely on an underlying cryptographic secret, which when compromised results in a loss of trust in the security and event reporting systems. The complexities of key manage- ment and revocation make PKI systems inefficient with high overhead and enterprise administration costs. Also, unlike KSI, if a PKI credential is compromised, you cannot trust any of the security evidence being reported by the system because the applications or logs may be subverted. If you can’t trust the reporting mechanisms, then you cannot trust the state of the assets the secu- rity layer is protecting. Therefore, if these systems be- come compromised a network may be exploited for days, weeks, months, or years before the attack is understood or the data loss caught. In fact, an organization may never discover the compromise. Guardtime KSI technology can work at exabyte scale while havingminimal impact to network overhead for signing, escrow, and verifying operations – there are no competitive technologies with similar capabilities. Traditional PKI relies on an underlying cryptographic secret, which when compromised results in a complete collapse of trust in the entire security and event reporting system. Additionally, PKI does NOT work well at scale; the complexities of key management and revocation make PKI systems inefficient with high overhead and administration costs. 10 11 12 Summary
Guardtime KSI | Attributable Networks Page 6 of 6 The Target Case Recently a major corporation’s customer credit card and billing information was stolen resulting in the loss of over 100MM credit card numbers via the exploitation of multiple network components across Target’s enterprise. With Guardtime KSI, the Target compromise would have never occurred; as the compromised integrity of the credit card database configuration(s), machine reader software, and security layer components would have been detected in real-time and subsequently responded to. As of writing (February 2014) Target still cannot answer the United States Congress if they have eliminated the malware inside the enterprise and if backdoors still re- main into their customer records system(s). They are not instrumented from the inside out to begin to understand their networks integrity, what has changed, and what was responsible. The implications for any organization creating an attrib- utable network means that they can prevent data loss of important digital assets, assure the integrity of their network, and verify enterprise behaviors even across service providers without having to put their trust in cryptographic secrets or administrators that may also be compromised (also known as the ‘insider threat’). Strategically, a new era in trusted networking and digital asset and content protection is possible with Guardtime KSI. Every component, configuration, and digital asset can be tagged, tracked, and located with real-time integ- rity information no matter where that asset is transmitted, stored, or received. With Guardtime KSI, Target compromise would have never happened. For any organization creating an attributable network, it means that they can prevent data loss of important digital assets, assure the integrity of their network, and verify enterprise behaviors even across the service providers without having to put their trust in cryptographic secrets or systems administrators Strategically, a new era in trusted networking and digital asset and content protection is possible with Guardtime KSI. 13 14 15 Summary
Page 2 of 5Guardtime KSI | Attributable Networks © 2014 Guardtime

Recommended

Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...
Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...
Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...Martin Ruubel
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperMartin Ruubel
 
Combating the enemy within – an elegant mathematical approach to insider thre...
Combating the enemy within – an elegant mathematical approach to insider thre...Combating the enemy within – an elegant mathematical approach to insider thre...
Combating the enemy within – an elegant mathematical approach to insider thre...Martin Ruubel
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Cláudia Alves
 

Recommended

Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...
Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...
Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...Martin Ruubel
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperMartin Ruubel
 
Combating the enemy within – an elegant mathematical approach to insider thre...
Combating the enemy within – an elegant mathematical approach to insider thre...Combating the enemy within – an elegant mathematical approach to insider thre...
Combating the enemy within – an elegant mathematical approach to insider thre...Martin Ruubel
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Cláudia Alves
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...PiyushHipparkar
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data securityUlf Mattsson
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefingtechnext1
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...CODE BLUE
 
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...IJCNCJournal
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudUlf Mattsson
 
Big security for_big_data
Big security for_big_dataBig security for_big_data
Big security for_big_dataShyam Sarkar
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudITDogadjaji.com
 
Cyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cCyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cAanchal579958
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceEryk Budi Pratama
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integrationMarco Essomba
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the CloudChirag Joshi, CISA, CISM, CRISC
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412Hai Nguyen
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
BlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyBlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyHappiest Minds Technologies
 
Cyber security basics for law firms
Cyber security basics for law firmsCyber security basics for law firms
Cyber security basics for law firmsRobert Westmacott
 
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...Priyanka Aash
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Ulf Mattsson
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Brianna Johnson
 

More Related Content

What's hot

Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...PiyushHipparkar
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data securityUlf Mattsson
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefingtechnext1
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...CODE BLUE
 
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...IJCNCJournal
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudUlf Mattsson
 
Big security for_big_data
Big security for_big_dataBig security for_big_data
Big security for_big_dataShyam Sarkar
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudITDogadjaji.com
 
Cyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cCyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cAanchal579958
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceEryk Budi Pratama
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integrationMarco Essomba
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412Hai Nguyen
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
BlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyBlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyHappiest Minds Technologies
 
Cyber security basics for law firms
Cyber security basics for law firmsCyber security basics for law firms
Cyber security basics for law firmsRobert Westmacott
 
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...Priyanka Aash
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Ulf Mattsson
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 

What's hot (20)

Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data security
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
 
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet ...
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the Cloud
 
Big security for_big_data
Big security for_big_dataBig security for_big_data
Big security for_big_data
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and Cloud
 
Cyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 cCyfirma cybersecurity-predictions-2022-v1.0 c
Cyfirma cybersecurity-predictions-2022-v1.0 c
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integration
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMask
 
BlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network SecuirtyBlockChain Enabled-Cloud Delivered For Network Secuirty
BlockChain Enabled-Cloud Delivered For Network Secuirty
 
Cyber security basics for law firms
Cyber security basics for law firmsCyber security basics for law firms
Cyber security basics for law firms
 
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 

Similar to Attributable Networks - Guardtime Whitepaper

IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Brianna Johnson
 
"Is your browser secure? Breaking cryptography in PKI based systems, opening ...
"Is your browser secure? Breaking cryptography in PKI based systems, opening ..."Is your browser secure? Breaking cryptography in PKI based systems, opening ...
"Is your browser secure? Breaking cryptography in PKI based systems, opening ...PROIDEA
 
eBook_PKI-AreYouDoingItWrong2022-f.pdf
eBook_PKI-AreYouDoingItWrong2022-f.pdfeBook_PKI-AreYouDoingItWrong2022-f.pdf
eBook_PKI-AreYouDoingItWrong2022-f.pdfHaNguyenThanh21
 
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITY
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITYCOST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITY
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITYShakas Technologies
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Intrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIntrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIRJET Journal
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Controljwpiccininni
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Markit
 
WISekey IoT Technologies Presentation
WISekey IoT Technologies PresentationWISekey IoT Technologies Presentation
WISekey IoT Technologies PresentationCreus Moreira Carlos
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicNetmagic Solutions Pvt. Ltd.
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresOliver Pfaff
 
AnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdfAnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdftonkung6
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...RSIS International
 
Network Security
Network SecurityNetwork Security
Network SecurityBeth Hall
 

Similar to Attributable Networks - Guardtime Whitepaper (20)

IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...
 
"Is your browser secure? Breaking cryptography in PKI based systems, opening ...
"Is your browser secure? Breaking cryptography in PKI based systems, opening ..."Is your browser secure? Breaking cryptography in PKI based systems, opening ...
"Is your browser secure? Breaking cryptography in PKI based systems, opening ...
 
eBook_PKI-AreYouDoingItWrong2022-f.pdf
eBook_PKI-AreYouDoingItWrong2022-f.pdfeBook_PKI-AreYouDoingItWrong2022-f.pdf
eBook_PKI-AreYouDoingItWrong2022-f.pdf
 
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITY
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITYCOST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITY
COST-EFFECTIVE AUTHENTIC AND ANONYMOUS DATA SHARING WITH FORWARD SECURITY
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
 
Intrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIntrusion Detection System using Data Mining
Intrusion Detection System using Data Mining
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Control
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
 
Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences
 
WISekey IoT Technologies Presentation
WISekey IoT Technologies PresentationWISekey IoT Technologies Presentation
WISekey IoT Technologies Presentation
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – Netmagic
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-Infrastructures
 
AnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdfAnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdf
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network Access
 
Big security for big data
Big security for big dataBig security for big data
Big security for big data
 
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
 
Network Security
Network SecurityNetwork Security
Network Security
 

Attributable Networks - Guardtime Whitepaper

  • 1. Page 2 of 5Guardtime KSI | Attributable Networks Attributable Networks Truth, not Trust www.guardtime.com
  • 2. Guardtime and KSI KSI Technology Primer Why Is Attribution Important? Contrasting KSI The Target Case Contents 3 5 7 9 11
  • 3. Page 2 of 5Guardtime KSI | Attributable Networks Definition: ‘attribution’ means that the digital assets and network components can be tagged, tracked, located, and subsequently authenticated, in real-time, at scale. Guardtime’s KSI technology serves as a proactive Information- and Software Assurance, Insider Threat, and Advanced Persistent Threat detection capability. KSI technology is in use today across a variety of United States and European Union eGovernment and federal agency platforms. Guardtime and KSI Guardtime is an Information and Software Assurance com- pany to offer the world’s first massively scalable real-time authentication and integrity solution for any type of digital asset. With Guardtime’s Keyless Signature Infrastructure (KSI) technology, the realization of ‘truly attributable’ net- works is possible, where digital assets and their prove- nance can be authenticated in real-time, anywhere in the world, independent of the service provider. KSI signatures are portable, literally becoming part of the digital asset, and are used to provide proof of time, identity, and authenticity. This proof affords the consumer, service provider, or data broker to finally trust the provenance and integrity of any network interactions, as well as the digital assets they are managing and/or consuming. Guardtime’s KSI technology is used across a variety of United States and European Union e-government and fed- eral agency platforms to authenticate and validate import- ant digital and M2M assets in real-time and regardless of scale; verifying their authenticity, time, chain-of-custody and associated interactions. Guardtime KSI serves as a pro- active Information and Software Assurance, Insider Threat, and Advanced Persistent Threat detection capability. Guardtime’s definition of an Attributable Network: Attribu- tion means that the properties of important digital assets (trade secret, proprietary information, etc.) and network component software and/or firmware for assets like rout- ers, switches, applications, virtual machines, configuration information, audit and event log systems, and associated network services can be tagged, tracked, located, and subsequently authenticated. 1 2 3 Summary
  • 4.
  • 5. Guardtime KSI | Attributable Networks Page 3 of 5 KSI Technology Primer The information derived from a KSI signature means the asset’s chain-of-custody information, creation time, and authenticity information remains undisputable and can be subsequently trusted and verified without trusting or solely relying upon an administrator or a secret (such as a key or PKI credential). Instead, KSI uses a ‘proof-based’ method to accomplish authentication and our forensic evidence is portable across any Cloud Service Provider or Enterprise network. Forensically, KSI signatures are based on mathematical proofs and keyless cryptographic functions approved by the EU and the US National Institute of Standards (NIST). These proofs and functions will withstand exploitation even with advances in quantum computing meaning that assets signed by KSI will have proof information retained over the lifetime of the asset. The forensic evidence of the signa- tures makes legal indemnification issues easy to resolve; highlighting who, what, where, and when a digital asset was touched, modified, created, or transmitted. This evi- dence holds up in a court of law. Literally any digital asset can be signed with Guardtime KSI and access (to the underlying data the signatures are protecting) is not necessary to determine if there is an integrity loss or compromise. An organization’s Network Operations Center (NOC) or Security Operations Center (SOC) can simply adjudicate and trace any changes to signatures to determine the integrity state of their network or important archives via automated (or manual) reporting, analysis, and visualization (dashboards). This concept and infrastructure does not rely on cryp- tographic secrets or credentials that can be compromised, nor does KSI rely on trusting administrators. The signature information afforded by Guardtime KSI can be used in fact to preserve and verify administration/user activities, behav- iors, and interactions across the network. KSI signatures are based on mathematical proofs and keyless cryptographic functions approved by the EU and the US National Institute of Standards (NIST). KSI does not rely on cryptographic secrets or credentials that can be compromised, nor does KSI rely on trusting administrators. The forensic evidence of the KSI signatures makes legal indemnification issues easy to resolve, highlighting who, what, where, and when a digital asset was touched, modified, created, or transmitted. The information afforded by KSI holds up in a court of law. IoT primer 4 5 6 7 Summary
  • 6.
  • 7. Guardtime KSI | Attributable Networks Page 4 of 5 Why is Attribution Important? Fundamentally, the signatures generated by Guardtime KSI baseline the state of your important digital assets – Guardtime calls this concept ‘Clean State Proof’, high- lighting their authenticity, time, and identity. This proof information can then be sent and escrowed (aggregated) across the network enterprise or across service providers without disclosing the underlying contents of the data the signatures protect. By collecting, analyzing, correlating and reporting this ev- idence one can build a real-time integrity picture of the network and/or important digital repositories and archives. With this real-time awareness regarding the integrity state of important digital asset components, organizations seeking to protect the integrity of their network can make real-time decisions in the event that the network and/or asset is compromised and quickly identify the cause and specific component(s) responsible for the loss of integrity. Subsequently, with this real-time awareness, real-time incident response, real-time data-loss prevention, inves- tigation, and/or network resilience is now possible to de- tect and react to any misconfiguration, network and/or component/application failure. Moreover, KSI directly supports enhanced continuity of operations, data loss prevention (due to theft or ma- liciousness), and is a new form of Advanced Persistent Threat (APT) detection when malware infects a crucial network or system component. The changed state of the asset provides a real-time alert, which can then be inves- tigated, audited, and/or behavior stopped. If an asset is affected by malware, the signature information changes, the asset can be ‘sandboxed’ or firewalled before further infection or transfer. Organizations can build a real-time integrity picture of the network and/or important digital repositories and archives. KSI instrumented attributable networks enables discovery and real-time decisions in the event that the network and/or asset is compromised. 8 9 Summary
  • 8.
  • 9. Guardtime KSI | Attributable Networks Page 5 of 5 Contrasting KSI There are no competitive technologies like Guardtime KSI. Until Guardtime, there was no way to instrument the net- work at the scale required to track the state and status of the hundreds of thousands, millions, or even billions of organizational assets contained across a large enterprise environment and constrain their activities. Guardtime KSI signatures can work at Exabyte scale and have minimal impact to network overhead for signing, escrow, and veri- fying operations. Organizational ICT environments today may span mul- tiple service or cloud providers. For example: with the advent of cloud computing a new technology needed to be developed that worked at scale, with portable evidence, and needed to move the trust anchor from the administrator or cryptographic secret to an immutable proof (proof that does not change or can be tampered with). Guardtime KSI provides this proof with the context of time, integrity, and identity information for the assets being signed and monitored. In contrast to Guardtime KSI, traditional digital signature technologies and credential-based signature technologies (such as PKI) DO NOT work well at scale, and ultimately rely on an underlying cryptographic secret, which when compromised results in a loss of trust in the security and event reporting systems. The complexities of key manage- ment and revocation make PKI systems inefficient with high overhead and enterprise administration costs. Also, unlike KSI, if a PKI credential is compromised, you cannot trust any of the security evidence being reported by the system because the applications or logs may be subverted. If you can’t trust the reporting mechanisms, then you cannot trust the state of the assets the secu- rity layer is protecting. Therefore, if these systems be- come compromised a network may be exploited for days, weeks, months, or years before the attack is understood or the data loss caught. In fact, an organization may never discover the compromise. Guardtime KSI technology can work at exabyte scale while havingminimal impact to network overhead for signing, escrow, and verifying operations – there are no competitive technologies with similar capabilities. Traditional PKI relies on an underlying cryptographic secret, which when compromised results in a complete collapse of trust in the entire security and event reporting system. Additionally, PKI does NOT work well at scale; the complexities of key management and revocation make PKI systems inefficient with high overhead and administration costs. 10 11 12 Summary
  • 10.
  • 11. Guardtime KSI | Attributable Networks Page 6 of 6 The Target Case Recently a major corporation’s customer credit card and billing information was stolen resulting in the loss of over 100MM credit card numbers via the exploitation of multiple network components across Target’s enterprise. With Guardtime KSI, the Target compromise would have never occurred; as the compromised integrity of the credit card database configuration(s), machine reader software, and security layer components would have been detected in real-time and subsequently responded to. As of writing (February 2014) Target still cannot answer the United States Congress if they have eliminated the malware inside the enterprise and if backdoors still re- main into their customer records system(s). They are not instrumented from the inside out to begin to understand their networks integrity, what has changed, and what was responsible. The implications for any organization creating an attrib- utable network means that they can prevent data loss of important digital assets, assure the integrity of their network, and verify enterprise behaviors even across service providers without having to put their trust in cryptographic secrets or administrators that may also be compromised (also known as the ‘insider threat’). Strategically, a new era in trusted networking and digital asset and content protection is possible with Guardtime KSI. Every component, configuration, and digital asset can be tagged, tracked, and located with real-time integ- rity information no matter where that asset is transmitted, stored, or received. With Guardtime KSI, Target compromise would have never happened. For any organization creating an attributable network, it means that they can prevent data loss of important digital assets, assure the integrity of their network, and verify enterprise behaviors even across the service providers without having to put their trust in cryptographic secrets or systems administrators Strategically, a new era in trusted networking and digital asset and content protection is possible with Guardtime KSI. 13 14 15 Summary
  • 12. Page 2 of 5Guardtime KSI | Attributable Networks © 2014 Guardtime