
CryptoTrust

Comprehensive Access Control and Cryptographic Key Management Solution

CryptoTrust is a complete solution designed to provide secure access control and efficient cryptographic key management in cloud storage environments. Its simple, scalable, and data-agnostic approach makes it the ideal choice for organisations looking to protect their data efficiently and securely.

The platform consists of two main components:

  • An access control mechanism based on the XACML (eXtensible Access Control Markup Language) architecture. This standard allows defining who can access which resources and under what conditions, implementing these policies in a centralised and flexible manner, and sharing the policies with different systems and applications.
  • A key management and encryption policy system.

How It Works

01 Encryption Policy Request

The client requests an encryption policy from CryptoTrust, which includes a cryptographic key for encrypting the information.

02 Data Encryption

Once the encryption policy is received, the client encrypts the information using the provided key. This process is asynchronous, so the client can operate even without an Internet connection.

03 Storage of Encrypted Information

The encrypted information is sent to the cloud provider for secure storage.

04 Retrieval of Encrypted Information

When access to the encrypted information is required, the client queries the provider to retrieve it along with the applied encryption policy.

05 Consulting CryptoTrust

With the retrieved encryption policy, the client consults CryptoTrust to obtain the complete associated policy, which includes the cryptographic key necessary for decryption.
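The five steps above, sketched as an added example that is not CryptoTrust's API or code: an in-memory policy service and a `Map` standing in for the cloud provider show which party holds the key and which holds the ciphertext. `PolicyService`, the function names, the application ids and the choice of AES-256-GCM are all assumptions made for illustration.

```javascript
// Added example: in-memory stand-ins, not CryptoTrust's API. AES-256-GCM is an assumption.
const crypto = require("node:crypto");

// Hypothetical policy/key service: holds keys and access rules, never sees the data.
class PolicyService {
  constructor() { this.policies = new Map(); }
  // Step 01: issue a policy (id + fresh key) to the requesting application.
  requestPolicy(appId, allowedApps) {
    const policyId = crypto.randomUUID();
    const key = crypto.randomBytes(32);
    this.policies.set(policyId, { key, allowed: new Set([appId, ...allowedApps]) });
    return { policyId, key };
  }
  // Step 05: release the key only if the policy permits the calling application.
  resolvePolicy(appId, policyId) {
    const p = this.policies.get(policyId);
    if (!p || !p.allowed.has(appId)) throw new Error("access denied");
    return { policyId, key: p.key };
  }
}

// Step 02: encrypt locally (no network needed); the policy id is authenticated as AAD.
function encryptWithPolicy({ policyId, key }, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(Buffer.from(policyId));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { policyId, iv, ct, tag: c.getAuthTag() };
}

// After step 05: decrypt with the key the service returned for that policy id.
function decryptWithPolicy({ policyId, key }, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.iv);
  d.setAAD(Buffer.from(policyId));
  d.setAuthTag(blob.tag);
  return Buffer.concat([d.update(blob.ct), d.final()]); // throws if anything was altered
}

// Steps 01-05 end to end; `provider` is a Map that stores ciphertext + policy id only.
function roundTrip(service, provider, writerApp, readerApp, plaintext) {
  const policy = service.requestPolicy(writerApp, []);                 // step 01
  provider.set("object-1", encryptWithPolicy(policy, Buffer.from(plaintext))); // 02-03
  const stored = provider.get("object-1");                             // step 04
  const resolved = service.resolvePolicy(readerApp, stored.policyId);  // step 05
  return decryptWithPolicy(resolved, stored).toString();
}
```

The stored object carries the policy id but never the key, so reading it back is useless without a successful `resolvePolicy` call.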

Key Features

Zero Trust Architecture

CryptoTrust is designed with Zero Trust principles. These principles reject implicit trust and require constant verification before granting access to resources. Its pillars are:
  • Verification: Continuous authentication and authorisation before accessing resources.
  • Minimisation of Privileges: Granting the least amount of privilege necessary to perform a task.
  • Network Segmentation: Dividing the network into distinct security zones to prevent lateral movement of threats.
Implementing Zero Trust helps to reduce the risk of attacks, detect threats more quickly, and improve overall security. Zero Trust demands careful planning to tailor it to specific needs. Based on this approach, our platform does not have access to client data, ensuring that no attack on the platform can compromise them.

Scalability

The scalable architecture of CryptoTrust ensures that the solution can adapt to the changing needs of organisations, from small businesses to large corporations.

Data and Location Agnostic

The solution is entirely agnostic regarding the data to be protected and its location. It can easily integrate with a variety of cloud storage systems (AWS, IBM, Google, etc.) and adapt to different types of data, from confidential documents to multimedia files.

Application Registration

Applications interested in adding an additional layer of encryption can register on the platform. The interaction with the platform is granular, and each application receives a token or API key for secure access.

Advanced Hybrid Encryption

With CryptoTrust, the company will have the ability to use hybrid encryption that combines elliptic curves and standardised post-quantum algorithms to ensure the security of data both in transit and at rest.

Flexible Key Management

Users can define customised encryption policies that include the management of cryptographic keys. This allows for flexible and adaptive key management according to the specific needs of each application or system.

With CryptoTrust, the security and confidentiality of data are fully guaranteed because:

  • The cloud provider never has access to the cryptographic keys used in the encryption.
  • We never store the encrypted information of our clients.
  • Communication with the platform is encrypted, ensuring the confidentiality of data in transit.

FAQs

A cryptographic key is a value used in cryptographic algorithms to encrypt and decrypt data. These keys are essential for the security of cryptographic systems, ensuring that only authorised parties can access the protected information. 

An access control and cryptographic key management solution is a system designed to manage and protect access to sensitive data using cryptographic techniques. This includes functions such as authentication, authorisation, key management, and access control based on policies and business rules. 

These solutions are crucial for ensuring the confidentiality, integrity, and availability of data in environments where security is critical. They help prevent unauthorised access, protect against data theft, and ensure that only authorised individuals can access sensitive information. 

The solution uses cryptographic techniques to encrypt and protect sensitive data. It also establishes access policies that determine who can access which resources and under what conditions. Cryptographic keys are securely generated, stored, distributed, and revoked to ensure data security. 

Key benefits include protecting sensitive data, preventing unauthorised access, complying with security and privacy regulations, reducing the risk of security breaches, and enhancing customer trust in cloud services. 

If you handle sensitive or confidential information, such as financial, medical, or personal customer data, an access control and cryptographic key management solution is essential for effectively protecting that data. It is also critical for complying with security and privacy regulations. 
