On Your Device
Open Source Software
The device software’s source code is available to the public and may be tested for potential weaknesses any time.
Strong User Authentication:
- Strong password policy & display of password strength
- 2-Factor authentication with password and SMS pass code
- Optional iDGARD Login Card
(Credit card sized TAN generator)
Protection against Producer Cloud
- Local view of documents in file systems, that are not synchronized with producer clouds (iCloud, Google Share, etc.).
Secured offline availability of files (Smart Caching)
- Encrypted memory (AES 256) of downloaded files
- Offline availability only until end of app session. All local data deleted reliably thereafter
Application Security of Browser User Interface
- No technology that is, per se, vulnerable to XSS or other attacks
- No technology that might, per se, enable drive-by attacks
Architecture & Software Design
Encryption & Key Distribution
- A-rated SSL encryption (key length: 2048 bit), for transfer from device to Sealed Cloud
- Private key for SSL link connection not in the hands of the cloud service provider (import only upon boot by independent party)
- Accessible via any browser, no additional software necessary
- Alert of attempted man-in-the-middle attack via app & browser plug-in
- No system key: each user set is coded with an own key, generated by user name and password. The keys are not stored
- Individual AES-256 encryption for each respective file & Privacy Box
- KNone of these keys accessible by the cloud service provider or application
- Fully new encryption of Privacy Boxes any time these are closed. Result: box link access by service provider staff excluded technically
- Invitation of new users & box guests per box link and optional box code
Trustworthy Software & Software Integrity
- TPM & HW based chain of trust covering entire software stack
- Development and deployment process of externally audited software components & versions in creation
- Centralized software deployment via NetBoot. Only fully signed stacks bootable
- Classic trusted software development procedures (peer programming, committer model, etc.)
- Dynamic software component & operation testing methods (currently in development)
- Methods of improved trustworthy SW development (e.g. automatic code creation) currently being researched (in cooperation with Fraunhofer AISEC, et al.)
Security against Internal & External Spying
Perimeter Security (Protection against External Attacks)
- Security & data protection as per Federal Office for Information Security’s IT Baseline Protection Catalogs applies to service provider Uniscon and Sealed Cloud infrastructure alike
- Implementation of respective entry, access, forwarding, input, assignment, availability, and disconnection control measures
- Implementation of multi-stage, state-of-the-art firewalls (classic, multi-stage ones plus web app firewalls)
- Application of state-of-the-art intrusion detection & prevention systems
- Hardened server OSs
- Physical network disconnection for boots & alerts and traffic
- Load sharing without encryption scheduling
- Electro-optical & electromechanical monitoring of all door, floor, wall, and ceiling systems
- Electromechanical locks that control access pursuant to Sealing Control policy
- Recording of all administrator & system activity per WORM technology
Data Clean-up (Triggered upon Internal Attack Attempt)
- Uncencrypted data processed exclusively data clean-up area (no persisten memory)
- Sensor alarm triggers logical & physical data clean-up
- Data clean-up triggered upon both intentional & inadvertent access attempts
- Prior to clean-up, current user sessions first migrated to unaffected Sealed Cloud areas and unencrypted data encrypted and stored
- Affected segment server data then deleted and servers disconnected
- 15-second server disconnection reliably deletes all unencrypted data, before granting electromechanical doors server access
Sealed Cloud: Fully Integrated Security
Sealed Cloud is an integrated security concept, that considers all known attack vectors. To date, iDGARD is the only application worldwide, to ensure such comprehensive protection via Sealed Cloud technology.
System Overview & the Audit Role
Sealed Cloud system illustrating the security concept’s three most crucial principles:
- Key distribution for connections between user and Sealed Cloud and encryption for the database / file system
- Protection of unencrypted data in the clean-up areas
- Static & dynamic auditing and certification by external, trusted inspection agencies
Security Benefits Compared to End-to-End Encryption
iDGARD not only protects the content of communications but also their METADATA:
- No disclosure of who communicated with whom, how long
- No disclosure of when a communication took place
EP 2389641 & Other Patents: Sealed Cloud
Trust in state-of-the-art security is based on the security concept’s transparency and its implementation. In combination with independent audit reports and respective certification, our patent applications and patents ensure iDGARD users maximum security and its correct implementation.