Technology Summary
January 2018
Proprietary and Confidential. Not for distribution. Released under NDA.
© 2018 Private Machines Inc. All Rights Reserved. Reproduction in whole or in part without written permission prohibited.
Products

Protect + Unify Your Cloud And On-Prem Storage
CipherBucket™ unifies and protects data across on-prem and tens of cloud-based storage services. It enforces governance policies and encrypts. Storage services never see your keys or plaintext data. Cloud data breaches simply do not affect you.

Protect Your Cloud Databases
CipherQuery™ protects your cloud databases by efficiently processing queries encrypted. Queries and data are transparently protected using strong cryptography and the cloud cannot read them even when compelled to do so.

Encrypt Your Cloud Computation
With CipherRack™ you can efficiently run VMs, containers and standalone applications fully encrypted in public or private clouds and data centers. Unauthorized parties, including the cloud or data center provider, cannot see the computation, data, or encryption keys even with physical access to hardware.

Secure Your File Sharing
CipherLocker™ is the first encrypted file sharing, storage, and collaboration platform with a search portal on encrypted data and strong client-side data encryption. You can drag-and-drop, store, share, synchronize, and search. The data server cannot ever access user data or searches even when compelled. Files are encrypted before they leave your computer. Data can reside in the cloud or on-prem.

First Tamper-Proof Server
ENFORCER™ SRX1 is the first powerful tamper-proof server that protects your x86 software and data with the highest level of logical and physical security.
3 | Page
Protect + Unify Your Cloud and On-Prem Storage
CipherBucket™ unifies and protects data across on-prem and tens of cloud-based storage services. It enforces governance policies and encrypts. Storage services never see your keys or plaintext data. Cloud data breaches simply do not affect you.
Strong Encryption
All data is encrypted using strong cryptography before it leaves the prem. Multiple layers of encryption protect your storage domains, buckets, metadata, and files.
Highlights
✓ Strong Data Encryption (AES 256)
✓ At-Rest/In-Transit Encryption (AES 256, TLS)
✓ Key lifecycle management²
✓ Cloud never sees keys or data
✓ Integrate with existing key management
✓ Built-in key manager
Multi-Layer Integrity
Integrity mechanisms are deployed at multiple layers including blocks, objects, and buckets.
Highlights
✓ Strong integrity constructs (SHA HMACs)
✓ Integrity for partial retrieval
✓ Download resume with integrity
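An added illustration, not CipherBucket's own code, of how layered HMAC-SHA256 tags (block, object, bucket) let a client verify a partial or resumed download without fetching the whole object; the block size, the key and the exact byte layout bound into each tag are assumptions made for this example.

```python
import hashlib
import hmac

# Constructed illustration: per-block HMAC-SHA256 tags, an object tag over the
# block tags, and a bucket tag over object tags (three integrity layers).
# Not CipherBucket's code; the byte layout bound into each tag is an assumption.

BLOCK_SIZE = 4  # deliberately tiny so the constructed sample spans many blocks


def block_tag(key: bytes, object_id: bytes, index: int, block: bytes) -> bytes:
    # Binding the object id and block index into the MAC stops a server from
    # swapping, reordering or substituting blocks from another object.
    msg = object_id + index.to_bytes(8, "big") + block
    return hmac.new(key, msg, hashlib.sha256).digest()


def protect_object(key: bytes, object_id: bytes, data: bytes) -> dict:
    """Split data into blocks and compute block tags plus an object-level tag."""
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    tags = [block_tag(key, object_id, i, b) for i, b in enumerate(blocks)]
    object_tag = hmac.new(key, object_id + b"".join(tags), hashlib.sha256).digest()
    return {"id": object_id, "blocks": blocks, "tags": tags, "object_tag": object_tag}


def bucket_tag(key: bytes, objects: list) -> bytes:
    """Third layer: one tag over every object's (id, object_tag), in id order."""
    h = hmac.new(key, b"bucket", hashlib.sha256)
    for obj in sorted(objects, key=lambda o: o["id"]):
        h.update(obj["id"] + obj["object_tag"])
    return h.digest()


def verify_partial(key: bytes, object_id: bytes, tags: list, object_tag: bytes,
                   received: dict) -> bool:
    """Verify a range or resumed download. received maps block index -> bytes.
    The (small) tag list is always fetched; only the requested data blocks are."""
    expected = hmac.new(key, object_id + b"".join(tags), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, object_tag):
        return False  # tag list altered, truncated, or taken from another object
    for index, block in received.items():
        if index >= len(tags):
            return False
        if not hmac.compare_digest(block_tag(key, object_id, index, block), tags[index]):
            return False
    return True


def demo() -> dict:
    key = b"\x01" * 32  # constructed key; in practice it comes from the key manager
    data = b"0123456789ABCDEFGHIJKLMNOPQRSTUV"
    obj = protect_object(key, b"report.pdf", data)
    blocks, tags, otag = obj["blocks"], obj["tags"], obj["object_tag"]
    honest = {2: blocks[2], 3: blocks[3]}                                   # range GET, blocks 2-3
    flipped = {2: blocks[2], 3: bytes([blocks[3][0] ^ 1]) + blocks[3][1:]}  # one bit changed
    swapped = {2: blocks[3], 3: blocks[2]}                                  # server reorders blocks
    resumed = {i: blocks[i] for i in range(4, len(blocks))}                 # resume after block 3
    tampered_obj = dict(obj, object_tag=b"\x00" * 32)                       # object tag overwritten
    return {
        "honest": verify_partial(key, b"report.pdf", tags, otag, honest),
        "flipped": verify_partial(key, b"report.pdf", tags, otag, flipped),
        "swapped": verify_partial(key, b"report.pdf", tags, otag, swapped),
        "resumed": verify_partial(key, b"report.pdf", tags, otag, resumed),
        "bucket_detects": bucket_tag(key, [obj]) != bucket_tag(key, [tampered_obj]),
    }


if __name__ == "__main__":
    print(demo())
```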
Enterprise Security
Enterprise security features enable you to manage, monitor and audit cloud accesses transparently.
Highlights
✓ NIST FIPS Certification¹
✓ Logging and audit trails
✓ Data governance policies²
✓ Data retention policies²
✓ Integrate with HSM solutions
✓ Integration with LDAP and Active Directory
Full Transparency
CipherBucket™ exposes a standard object storage interface to clients. Applications do not need to change, and programmers do not need to have sensitive cloud credentials or worry about encryption and data governance.
Highlights
✓ Fully transparent to clients
✓ Protects sensitive cloud credentials
✓ Client applications do not change
✓ Amazon S3 compatible
✓ Virtual buckets
Multi-Cloud Broker
For increased availability and to prevent vendor lock-in, CipherBucket™ enables data to be stored in multiple clouds or distributed according to per-bucket policies.
Highlights
✓ Prevent vendor lock-in
✓ Supports 10+ cloud providers
✓ Compatible with archival storage
✓ Dynamic cost-driven data migration²
✓ Unified namespaces
High Performance
CipherBucket™ makes use of hardware acceleration when available. Even without acceleration, the hyper-optimized data path code results in low per-byte CPU cycle counts and extremely high throughput.
Highlights
✓ 10-50Gbps+ sustained throughput
✓ 100k+ connections per instance
✓ Scale-out, multi-instance federation
✓ Hardware acceleration available
✓ Multi-part uploads
Easy Deployment
CipherBucket™ can be deployed in numerous combinations: on-prem software, hyper-optimized hardware appliance, cloud VM or container, off-prem cloud service, etc.
Highlights
✓ Software deployment available
✓ Hyper-optimized appliance available
✓ Can run in cloud container/VM
✓ Scale-out cloud service² in CipherRack™
✓ Cloud/on-prem HSM integration
✓ Multi-instance federation
✓ Integrate On-Prem Storage
Data Processing
CipherBucket™ can compress², de-duplicate² and cache your data and minimize costs.
Highlights
✓ On-the-fly compression²
✓ Data deduplication²
✓ Transparent caching
✓ Multi-part uploads
High Availability
CipherBucket™ can be set up in numerous high-availability configurations to maximize resilience.
Highlights
✓ Active/passive configuration
✓ Load-balanced configuration
✓ Load-balanced HA + Cluster HA
✓ Many other combinations available
Cost Reduction
CipherBucket™ deploys a number of dynamic cost reduction techniques that increase ROI by an order of magnitude.
Highlights
✓ Dynamic cost optimization²
✓ Cost-driven data migration²
✓ Automatic archival²

Maintenance-Free
CipherBucket™ is designed to be maintenance free. Instances can hot-swap between each other and no ongoing management is required.
Highlights
✓ Hot-swap between instances
✓ No maintenance required
✓ Automatic failover
✓ No client-side state

Advanced Features
CipherBucket™ comes with an integrated search portal, database backup tools, and advanced visualisation and statistics.
Highlights
✓ Integrated search portal²
✓ Sheltered Harbor integration²
✓ Integrated database backup tools for major DBMSes and filesystems
✓ Advanced visualisation and statistics
✓ Multi-part uploads
Demo Video https://youtu.be/GHQAGrvtspQ
Protect Your Cloud Databases
CipherQuery™ protects your cloud databases by efficiently processing queries encrypted. Queries and data are transparently protected using strong cryptography and the cloud cannot read them even when compelled to do so. Full PostgreSQL and MySQL² compatible.
Encrypted Query Processing
In CipherQuery™ both queries and data are transparently encrypted before reaching the cloud. The cloud processes the queries encrypted and never sees your data or query logic.
Highlights
✓ Cloud never sees keys, data, or queries
✓ At-Runtime Encryption (AES 256)
✓ At-Rest/In-Transit Encryption (AES 256, TLS)
✓ Integrate with existing key managers and HSMs
✓ Built-in key manager
✓ NIST FIPS Certification¹
Full Transparency
Clients see a standard SQL interface. Applications do not need to change and programmers do not need to worry about regulatory compliance.
Highlights
✓ Fully transparent to clients
✓ Standard PostgreSQL (MySQL²)
✓ Protects sensitive cloud credentials
✓ Client applications do not change
✓ Transparent to cloud backend

Advanced SQL
CipherQuery™ provides all advanced relational database features including complete SQL, ACID transactions, stored procedures, access control, and more.
Highlights
✓ Complete SQL (PostgreSQL, MySQL²)
✓ Full ACID Transactions
✓ Stored procedures
✓ DBMS Access control

High Performance
CipherQuery™ is highly efficient, handling tens of thousands of transactions per minute per instance. Multiple instances can be run.
Highlights
✓ 10k+ tpm sustained throughput
✓ Scale-out / multi-instance federation²
✓ Hardware acceleration available
Easy Deployment
CipherQuery™ can be deployed in numerous combinations: on-prem software, hyper-optimized hardware appliance, cloud VM or container, off-prem cloud service, etc.
Highlights
✓ Software deployment available
✓ Hyper-optimized appliance available
✓ Can run in cloud container/VM
✓ Scalable cloud service² in CipherRack™
✓ Works with major cloud DBMSes
Cost Reduction
CipherQuery™ deploys a number of dynamic cost reduction techniques that increase ROI by an order of magnitude.
Highlights
✓ On-the-fly compression
✓ Transparent caching

Maintenance-Free
CipherQuery™ is designed to be maintenance free. Instances can hot-swap between each other and no ongoing management is required.
Highlights
✓ Hot-swap between instances
✓ No maintenance required
✓ Automatic failover
✓ No client-side state

Advanced Features
CipherQuery™ comes with backup tools, advanced visualization and statistics, and more.
Highlights
✓ Key lifecycle management
✓ Integrated backup
✓ Advanced visualization and statistics²
Feature Comparison
Columns: CQ = CipherQuery™, SDE = Standard DBMS encryption, CCE = Custom column encryption. Yes = provided, No = not provided.

Feature | CQ | SDE | CCE
Cloud Cannot See Any Data | Yes | No | No
Cloud Cannot See Any Encryption Keys | Yes | No | No
Cloud Cannot See Queries | Yes | No | Yes
Simple Equality-based Queries | Yes | Yes | Yes
Full SQL Queries on sensitive data (including range-based) | Yes | No | No
Traffic and Computation-Efficient JOINs on sensitive data | Yes | No | No
Strong semantically secure encryption (prevents information leaks from deterministic encryption) | Yes | No | No
Clients do NOT need access to encryption keys | Yes | No | No
Database Business Logic (Stored Procedures) using Sensitive Data | Yes | No | No
Full Privacy for Database Business Logic (e.g., Stored Procedures) | Yes | No | No
Secure Access Control: no reliance on the cloud to enforce access control to sensitive data | Yes | No | No
Full Transparency: no application changes, client software does not need to change | Yes | No | No
No prior application-specific knowledge of workload required | Yes | No | No
In-Transit Encryption | Yes | Yes | Yes
At-Rest Encryption | Yes | Yes | Yes
Zero-Leak™: cloud cannot access or leak customer data even when compelled | Yes | No | No
First Tamper-Proof Server
ENFORCER™ SRX1 is the first powerful tamper-proof server that protects your x86 software and data with the highest level of logical and physical security.

Tamper-Proof Anything
ENFORCER™ SRX1 can securely execute and verify full-fledged operating systems and applications within its tamper-proof security boundary.
Highlights
✓ NIST FIPS 140-2 Level 4¹
✓ Powerful x86 Cores
✓ Runs Standard OSes
✓ Remote Integrity Validation
✓ Easy Cloud Integration
✓ Rackable
✓ Built-in Key Management (KMIP, etc.)
Universal Protection
With ENFORCER™ SRX1 you can secure any workload anywhere with full SEC-compliant FIPS 140-2 Level 4¹ security assurances.

Deployments
Both the ENFORCER™ SRX1 server and the tamper-proof compute blade ENFORCER™ R1 can be deployed in any security-sensitive setting.
Examples
✓ Secure Data Centers
✓ Third-party Colocation Centers
✓ Securing Enterprise Branches
✓ ATM and Retail Payment Settings
✓ Aircraft and Vehicle Safety Systems
✓ Smart-Grid and SCADA Systems
✓ …

Unlimited Applications
Since it can run standard operating systems and software, the applications of ENFORCER™ SRX1 are limitless.
Examples
✓ Secure Cloud Computing (CipherRack™)
✓ Enterprise key management
✓ Authentication and directory services
✓ Payment processing
✓ Secure Trading
✓ Tamper-proof Blockchain
✓ …
Remote Verification
Users can remotely verify security and integrity for hardware, software and data.

Extremely Powerful
ENFORCER™ SRX1 is hundreds of times more efficient than last generation HSMs.

Cost-Efficient
Pricing is comparable to off-the-shelf standard enterprise hardware.

Next Generation HSM
SRX1 is built on the revolutionary ENFORCER™ R1 compute blades, next generation hardware security modules certified to the highest level of security, NIST FIPS 140-2 Level 4¹.
Highlights
✓ Physically Tamper-Proof
✓ NIST FIPS 140-2 Level 4¹
✓ Powerful x86 Processors
✓ Internal Key Management
✓ Hardware Integrity
✓ Software Integrity
Trust Nothing. Run Encrypted. Tamper-Proof Your Cloud Workload.
CipherRack™ integrates tamper-proof secure computing technology into public or private clouds. You can efficiently run VMs, containers and standalone applications fully encrypted in public or private clouds and data centers. Unauthorized parties, including the cloud or data center provider, cannot see the computation, data, or encryption keys even with physical access to hardware.
Overview Video https://youtu.be/iNkVl3YDSbI
Trust Nothing Design
CipherRack™ provides tamper-proof NIST-certified¹ private compute instances wherein all processing is physically and logically protected. Clients do not have to trust the cloud operator, even with physical access to the hardware.
Highlights
✓ No need to trust cloud or data center
✓ NIST FIPS 140-2 Level 4 tamper-proof¹
✓ Logical and physical protection
✓ Enables SEC compliant architectures
✓ Free built-in HSM for each instance

Protect Any Workload
Run any workloads, including mission critical applications, in the cloud with no risk, no liability shift, regulatory compliance and NIST FIPS certification¹.
Highlights
✓ Secure Cloud Control Planes
✓ Enterprise Key Management
✓ Authentication and Directory Services
✓ Payment Processing
✓ Secure Trading
✓ Tamper-Proof Blockchain
✓ …

Strong Encryption
VMs and data are encrypted and can only be decrypted inside NIST-certified tamper-proof hardware hosted in the cloud. No unauthorized party, including the cloud, can access your workload or data, even with physical access.
Highlights
✓ Cloud never sees keys, data or workload
✓ NIST-certified zeroization at deallocation
✓ Strong Data Encryption (AES 256)
✓ At-Rest/In-Transit Encryption (TLS)
✓ Transparent volume encryption
✓ Integrate with existing key management
Software Integrity
The integrity of the hardware stack, the software stack, and your data can be remotely verified at provisioning time and anytime thereafter.
Highlights
✓ Transparent Remote Attestation
✓ Protect Software Stack Integrity
✓ Logging and audit trails
✓ Protect Volume Integrity
✓ Strong integrity constructs (SHA HMACs)

High Performance
CipherRack™ instances are extremely powerful and can easily run existing workloads.
Highlights
✓ Run existing VM images
✓ Barebone allocation possible
✓ Can run own hypervisor

Full Transparency
CipherRack™ instances can be run in your existing public or on-prem cloud. Major clouds are supported.
Highlights
✓ Fully transparent to clients
✓ Applications and VMs do not change
Demo Video https://youtu.be/2w96i6hQKmo
Secure Your File Sharing
Trust Nothing. Encrypt Everything. Keep The Key.
CipherLocker™ is the first encrypted file sharing, storage, and collaboration platform with a search portal on encrypted data and strong client-side data encryption. You can drag-and-drop, store, share, synchronize, and search. The cloud cannot ever access user data or searches even when compelled. Files are encrypted before they leave your computer.

Client-Side Encryption
Store, share, and search your strongly encrypted files in the cloud or in an enterprise-wide on-prem service. The server (on-prem or cloud) sees nothing (filenames, data, keys, searches).
Highlights
✓ Server cannot read files, keys, or searches
✓ Client-Side Encryption (AES 256)
✓ At-Rest/In-Transit Encryption (AES 256, TLS)
✓ Semantic Security Protection
✓ Built-in key management
✓ NIST FIPS Certification¹
On-Prem or Cloud Service
CipherLocker™ can also be deployed on-premise to provide enterprise-wide secure file sharing and collaboration with data stored on-prem.
Highlights
✓ On-prem service deployment available
✓ Provide enterprise-wide secure file sharing
✓ Integrate with VPN technology
✓ LDAP/AD Integration²
Encrypted Data Search Portal
CipherLocker™ is the first platform that lets you securely search through files that are stored encrypted on the server, without having to download the files.
Highlights
✓ Fast, Easy and Secure
✓ Search in remote encrypted files
✓ No need to download to search
✓ Server cannot see your search
✓ Can download matching files even if not in synchronized folders
✓ Many file types (PDF, MS, media, …)
✓ Ranked Search
✓ Sub-millisecond search times
Strong Security
CipherLocker™ provides strong security and easy key exchange that goes beyond core data encryption.
Highlights
✓ Access logging and audits²
✓ Strong Integrity with Share-Wide Protection
✓ Easy access control
✓ Everything is encrypted
✓ Integrate with existing key managers and HSMs
✓ Built-in key management
✓ File History and Versioning

Sharing and Teaming
CipherLocker™ is the only platform with secure and easy sharing of encrypted files and folders that prevents the server (on-prem or cloud) from leaking your data to third parties when compelled.
Highlights
✓ Create groups
✓ Share with individuals or groups
✓ Circles of Trust™ – easy membership, secure sharing²

Secure Synchronization
CipherLocker™ automatically synchronizes files across all your devices. You select what to synchronize on each device. Search in all files even if not synchronized.
Highlights
✓ Cross-platform (OSX, Windows, Linux, …)
✓ Automatic sync
✓ Access files anywhere, anytime, even when not online
✓ Search in files even if not synchronized
✓ Select what to synchronize on each device
✓ Sync any file types
Demo Video https://youtu.be/hIpLVv9czMo
Feature Comparison
Columns: CL = CipherLocker™; S1 to S5 = five existing systems compared in the source (not named there). Yes = provided, No = not provided, ? = symbol not recoverable from the source.

Feature | CL | S1 | S2 | S3 | S4 | S5
Search In Encrypted Files Without Downloading | Yes | No | No | No | No | No
On-Prem Service Deployment | Yes | No | No | No | No | No
Server Can Absolutely Not Access Your File Data | Yes | No | No | ? | ? | ?
Secure Public Key Exchange | Yes | No | No | No | No | No
Folder and Share-Wide Integrity Protection | Yes | No | No | No | No | No
Circles of Trust™ | Yes | No | No | No | No | No
Sharing Secure Against Insiders | Yes | No | No | No | No | No
Grouping Secure Against Insiders | Yes | No | No | No | No | No
Source Code Open Source | Yes | No | No | No | No | No
Openly Available Docs On Crypto Details (No Security By Obscurity) | Yes | No | No | ? | ? | ?
Ranked Search | Yes | Yes | Yes | No | No | No
Server or Cloud Never See Encryption Keys | Yes | No | No | ? | ? | ?
Encrypted File Names | Yes | No | No | ? | ? | ?
Zero-Leak™: Server cannot access or leak data even when compelled | Yes | No | No | ? | ? | ?
Encrypted File Data | Yes | No | No | ? | ? | ?
Semantic Security | Yes | No | No | ? | ? | ?
User-defined Groups | Yes | No | ? | ? | ? | ?
File Revision History | Yes | No | No | No | No | No
Cross-platform Case-sensitive Filenames | Yes | No | ? | Yes | ? | ?
GLOSSARY
Zero-Leak™
Strong cryptographically-backed security assurance ensuring a cloud service does not have access to encryption keys, plaintext data and plaintext software, even during runtime processing. Effectively, this guarantees the cloud service cannot access or leak customer data even when compelled to do so.
At-Runtime Security™
Cryptographic and hardware security mechanisms that provide Zero-Leak™ processing. Examples include technology that guarantees that, during processing, the entire workload (data + computation) is encrypted, effectively preventing the service provider, and even insiders with physical access, from accessing the workload.
HSM
A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto-processing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. Due to the critical role they play in securing applications and infrastructure, HSMs are typically certified to internationally recognized standards such as FIPS 140 to provide users with independent assurance that the design and implementation of the product and cryptographic algorithms are sound. The highest level of FIPS 140 security certification attainable is Security Level 4 (Overall), to which very few HSMs have been successfully validated.
FIPS 140-2
The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government computer security standard used to accredit HSMs. The National Institute of Standards and Technology (NIST) issued FIPS 140 to coordinate the requirements and standards for HSMs that include both hardware and software components. This is necessary to maintain the confidentiality and integrity of the information protected by the HSM. This standard specifies the security requirements that will be satisfied by an HSM. The standard provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments. The security requirements cover areas related to the secure design and implementation of an HSM. These areas include HSM specification; HSM ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks.
NIST FIPS 140-2 Level 4 Tamper-Proof
Security Level 4 provides the highest level of security. At this security level, physical security mechanisms provide a complete set of reactive envelopes of protection around the HSM with the intent of detecting and responding to all unauthorized attempts at physical access. Penetration of the HSM enclosure results in the immediate deletion of all sensitive information. Security Level 4 is essential for operation in physically unprotected environments. Security Level 4 also protects against a security compromise due to environmental conditions or fluctuations outside of normal operating ranges for voltage and temperature.
Security Levels 1-3
Security Level 1 provides the lowest level of security. Basic security requirements are specified (e.g., at least one Approved algorithm or Approved security function shall be used). No specific physical security mechanisms are required beyond the basic requirement for production-grade components. Level 2 improves upon the physical security mechanisms of Security Level 1 by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to cryptographic keys and critical security parameters (CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access. Level 3 attempts to prevent the intruder from gaining access to CSPs held within the HSM. Physical security mechanisms are meant to have a higher probability of detecting and responding to attempts at physical access, use or modification.
Remote Attestation
Mechanism that enables a verifier (e.g., a cloud client) to securely assess the software stack running on a remote compute platform (e.g., cloud server, HSM, VM, container, etc.). It typically works by having hardware residing in the remote computer generate a certificate stating what software was loaded and is currently running. This certificate can be presented to the verifier to show that the expected, unaltered trusted software is currently executing. The ultimate goal of remote attestation is to establish trust in the remote environment, e.g., before sending it sensitive data and code.
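An added, self-contained sketch of the attestation flow described above (not Private Machines code). It assumes an HMAC key shared with the verifier at provisioning as a stand-in for a hardware-bound signing key, constructed component images, and a "hardware" register the attester cannot write directly.

```python
import hashlib
import hmac
import os

# Constructed illustration of remote attestation. Assumptions: DEVICE_KEY is a
# secret provisioned into the hardware and known to the verifier (a stand-in for
# an asymmetric attestation key), and hardware_quote() is the only way to sign.

DEVICE_KEY = b"\x42" * 32  # constructed provisioning secret


def extend(register: bytes, measurement: bytes) -> bytes:
    """Measured boot: register <- H(register || measurement). Order matters."""
    return hashlib.sha256(register + measurement).digest()


def measure_stack(components: list) -> tuple:
    """Return (event_log, register) for a list of (name, image_bytes)."""
    register = b"\x00" * 32
    log = []
    for name, image in components:
        m = hashlib.sha256(image).digest()
        log.append((name, m))
        register = extend(register, m)
    return log, register


def hardware_quote(register: bytes, nonce: bytes) -> bytes:
    """The hardware signs the current register together with the verifier's nonce."""
    return hmac.new(DEVICE_KEY, register + nonce, hashlib.sha256).digest()


def attest(components: list, nonce: bytes) -> dict:
    """Attester side: report the event log and a quote over the hardware register."""
    log, register = measure_stack(components)
    return {"log": log, "register": register, "quote": hardware_quote(register, nonce)}


def verify(report: dict, nonce: bytes, golden: dict) -> bool:
    """Verifier side. Checks: freshness + signature, that the log replays to the
    signed register, and that every logged component matches its golden hash."""
    if not hmac.compare_digest(hardware_quote(report["register"], nonce), report["quote"]):
        return False  # forged quote or replay of an old one
    replay = b"\x00" * 32
    for _, m in report["log"]:
        replay = extend(replay, m)
    if not hmac.compare_digest(replay, report["register"]):
        return False  # event log edited after measurement
    seen = {name: m for name, m in report["log"]}
    return seen == golden  # unexpected, missing or modified component


def demo() -> dict:
    stack = [("firmware", b"fw-1.0"), ("kernel", b"vmlinuz-4.15"), ("app", b"agent-2.3")]
    golden = {name: hashlib.sha256(img).digest() for name, img in stack}
    nonce = os.urandom(16)
    good = attest(stack, nonce)
    rootkit = attest([stack[0], ("kernel", b"vmlinuz-4.15-patched"), stack[2]], nonce)
    forged_log = dict(rootkit, log=good["log"])  # golden-looking log, unsigned register mismatch
    replayed = dict(good, quote=hardware_quote(good["register"], os.urandom(16)))  # old nonce
    return {
        "good": verify(good, nonce, golden),
        "rootkit": verify(rootkit, nonce, golden),
        "forged_log": verify(forged_log, nonce, golden),
        "replayed": verify(replayed, nonce, golden),
    }


if __name__ == "__main__":
    print(demo())
```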
Intel® AES-NI
Intel® AES New Instructions (NI) is a new encryption instruction set that accelerates the encryption of data in the Intel® Xeon® processor family and the Intel® Core™ processor family.
¹ Certification Ongoing ² Upcoming Feature
© 2018 Private Machines Inc. All Rights Reserved.
This document is provided “AS IS” for informational purposes only, and specifically not for the purpose of providing legal advice. Use at your own risk. Further, the opinions expressed herein are the opinions of the individual author and may not reflect the opinions of Private Machines Inc. Private Machines makes no representations or warranties of any kind, express or implied, as to the accuracy or completeness of the contents of this document. Except as expressly provided in any written license agreement from Private Machines, the furnishing of this document does not give you any license to patents, trademarks, copyrights, or other intellectual property.
Third-party trademarks and tradenames appearing in this document are the property of their respective owners. Such third-party trademarks have been printed in caps or initial caps and are used for referential purposes only. The use or display of other companies’ tradenames, trademarks, or service marks does not imply a relationship with, or endorsement or sponsorship of us by, these other companies.
Private Machines Inc., 164 20 Street, 4th floor, Brooklyn, NY 11232
https://privatemachines.com
[email protected]
+1-631-731-1695