Monday, July 13, 2009

eCLIPse – Enterprise Clip Security

eCLIPse – Enterprise CLIP Security is a software security solution for any business that requires frequent exchange of secure encrypted data. eCLIPse, simple to integrate and apply, provides safe transfer of confidential data to and from authorized external resources, all the while preventing unauthorized viewing. Security is managed by smart-card technology (a smart-card chip fitted into a USB token). Using simple, effective and affordable physically secure USB tokens, eCLIPse functions at the “FIPS 140-1 level 3” security level of the USA’s National Institute of Standards and Technology (NIST).

Initialization - Setting up the keys
A standard practice is to have groups of two users from two business areas, with each user providing only one half of an encryption key. The company is protected, since this practice ensures that one user does not know the other’s key choice. Putting the two halves together by random selection means that neither user knows the final key value. eCLIPse supports multiple encryption tables with randomly assigned keys. Head office security administration sets up the USB token contents to match. There are two levels of head office control. One is constructing one or more tables by choosing ten keys to insert into a table, and the other is choosing which of the keys from within an assigned table will be further assigned to an individual or group. Essentially, each business area may set up its own table and assign users to specific keys.

Comparison with Hard Drive Encryption
eCLIPse encryption management is the best solution. Here is why. The usual argument is: why not use a hard drive that is fully encrypted; who needs eCLIPse?

When the hard drive is encrypted, a problem may arise if a file has to be copied or if maintenance has to be performed. An encrypted copy from that hard drive may not decrypt correctly on the target device. This is usually due to hardware differences between disk drives from the same manufacturer, and especially if the target drive has no encryption. If a technician has to repair the contents of the system with the encrypted hard drive, he needs the encryption/decryption keys (provided at logon). If he can log onto the system, he has access to the data, and likewise, so does a hacker. Other concerns include alphanumeric sorting of encrypted data. There is no guarantee that, when using an encrypted drive, data can be sorted in lexicographical order.

Your company’s “Information” is more valuable than the computer it is on. If your laptop computer is lost or stolen, your confidential information cannot be decrypted without your authorized USB token.

Other Uses for eCLIPse
Do you have trouble remembering all your passwords and other personal information? With eCLIPse, you can safely store them in an encrypted file protected by the USB token.

How eCLIPse works
It is easy. First, you receive the pre-encrypted file(s) from Head Office. The encrypted file was created by choosing two of the 10 keys. Instead of transmitting the keys, the index entries of these two keys prefix the data along with other metadata, such as the encryption algorithm used. The file is sent to the user(s) using a safe file transfer method (Secure FTP in an SSH environment). Note that the 10 keys stored in the USB token are identically stored in the head office image of the token’s table.

To view the file, start eCLIPse, plug in the USB token and log into it. The two key indexes and the encryption method are read from the file. The two index values are used to retrieve the decryption keys from the USB token. Along with the algorithm ID, decryption takes place. Encryption publication methods supported are “DES Data chaining” and Triple DES.

For uploading to the server, start eCLIPse and log on to the USB token. Two of the encryption keys stored in the USB token are used to encrypt the data prior to uploading. The encryption keys, selected by head-office administration, are different from the server-to-laptop decryption keys. The file is encrypted, and the indexes of the encryption keys are placed in the file header prepended to it. After reception by the head office, the data is decrypted in the same way as files sent to the laptop.

All encryption keys and key locations in the table are managed with the eCLIPse administration facility. The administration facility is a head-office tool, and it is the only place where one can initiate an update to the USB token. All information on the USB token is hardware protected and encrypted. Common practice is to update all the USB tokens and decryption keys every other year.

Two different recipients with copies of the same data, after encryption, may receive differently encrypted downloads, as the “table with keys” and the ordered list of encryption/decryption keys may differ from one USB token to the next. This means that if one individual loses his USB token, the one he borrows from his peer may not decrypt his own data.
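
The header-driven key lookup described in this section, as an added example that is not eCLIPse code. The header layout (a magic value `ECLP` followed by one byte each for the algorithm ID and the two key indexes), the algorithm ID values and the placeholder key tables are assumptions, since the page does not give them; the cipher step itself is left out.

```python
import struct

# Hypothetical header layout (the page does not specify one):
# 4-byte magic, algorithm ID, first key index, second key index.
HEADER = struct.Struct(">4sBBB")
MAGIC = b"ECLP"
ALGORITHMS = {1: "DES data chaining", 2: "Triple DES"}  # ID values are assumed
TABLE_SLOTS = 10  # the page: ten keys per table


class HeaderError(ValueError):
    """Raised when a file header cannot be trusted."""


def build_file(alg_id, idx_a, idx_b, ciphertext):
    """Prefix ciphertext with the key indexes and algorithm ID, never the keys."""
    return HEADER.pack(MAGIC, alg_id, idx_a, idx_b) + ciphertext


def parse_header(blob):
    """Return (algorithm name, index A, index B, ciphertext) or raise HeaderError."""
    if len(blob) < HEADER.size:
        raise HeaderError("truncated header")
    magic, alg_id, idx_a, idx_b = HEADER.unpack_from(blob)
    if magic != MAGIC:
        raise HeaderError("unexpected magic value")
    if alg_id not in ALGORITHMS:
        raise HeaderError(f"unknown algorithm ID {alg_id}")
    if idx_a >= TABLE_SLOTS or idx_b >= TABLE_SLOTS:
        raise HeaderError("key index outside the ten-slot table")
    return ALGORITHMS[alg_id], idx_a, idx_b, blob[HEADER.size:]


def select_keys(token_table, blob):
    """Look up the two keys named by the header in one token's table."""
    alg, idx_a, idx_b, ciphertext = parse_header(blob)
    return alg, token_table[idx_a], token_table[idx_b], ciphertext


# Constructed sample tables: 8-byte placeholder values, not real key material.
HEAD_OFFICE = [bytes([slot]) * 8 for slot in range(TABLE_SLOTS)]
OWNER_TOKEN = list(HEAD_OFFICE)            # matches the head-office image
PEER_TOKEN = list(reversed(HEAD_OFFICE))   # same keys, different ordering
SAMPLE = build_file(2, 3, 7, b"<ciphertext bytes>")

if __name__ == "__main__":
    print(select_keys(OWNER_TOKEN, SAMPLE)[:3])  # keys head office used
    print(select_keys(PEER_TOKEN, SAMPLE)[:3])   # borrowed token: wrong keys
```

Because the header carries only indexes, the same file resolves to different keys on a token whose table is ordered differently, which is the borrowed-token behaviour the paragraph above describes.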

Three Strikes and You're Out
The hardware of the USB token is designed to support an absolute maximum of ten successive failed logon attempts after which the USB token must be returned for hardware re-initialisation. Within eCLIPse we have set the application logon threshold to three. In the event of USB token logon failure, eCLIPse provides for overrides via voice contact to head office. Standard questions from head-office are used to validate the user. Following user validation the user has twenty minutes to use a password given verbally or by email. He uses it to login to the USB token and is forced to immediately enter a new user password.

Session timeout
If the user leaves the laptop inactive for a predefined time, eCLIPse can be set to block and require a new logon. There is a keyboard lock option to handle coffee breaks.

The USB token remains on the owner’s keychain, is not stored with the laptop and is not normally interchangeable with another user's USB token. Each USB token also has a logon access mechanism, with options to control the number of logon attempts before lockout, the number of allowed executions, timeout mechanisms and many other selectable security functions.

eCLIPse provides up-to-date safe transfer of confidential data to and from managers and auditors, all the while preventing unauthorized viewing. Encryption security is managed by eCLIPse's head-office administration system, tailoring full transfer management of encrypted data between the individual's laptop and head office.

eCLIPse Modes of Operation
eCLIPse may be set up for batch download. eCLIPse itself does not do the file transfer. Encrypted files are stored on the laptop or on a flash drive. No unencrypted data will be present on either. eCLIPse may also be used for real-time live access. Application Programming Interfaces (APIs) are provided.

Some additional system management information
USB token management. When the head office client receives his order of serial-numbered USB tokens, he registers the serial numbers in a database and lists them as unassigned. The database design can hold information for 10,000 USB tokens. A USB token can be used with one or more applications but is assigned to only one specific user. If need be, a user may have more than one smart-card USB token to answer his particular needs.

Usage Examples
A large Canadian Banking-Financial Institution has regional data centers in different localities. After the head-office data processing of sensitive business data is completed, the files are encrypted and sent to their regional centers. The regional centers decrypt the received file and immediately re-encrypt it for the authorized user of the USB token. This action prevents a head-office person from knowing decryption information for the files destined to the end-user. In 10 years of use, no security loss of confidential encrypted information has ever occurred. This institution dedicated two of the 10 encryption key slots for global inter-branch transmission. A user uses the USB token to encrypt and transfer data that is needed in another branch.

Canada’s Quebec Provincial auditors, l'Autorité des marchés financiers, are using the eCLIPse system to manipulate laptop-based secure data.

Public key encryption and PGP are not implemented, but may be supported on request. Triple DES is banker secure, executes well on older laptops and is well proven. The USB token keys for future algorithm support may vary from 64 bits to 640 bits (8 bytes to 80 bytes).

The eCLIPse USB token is validated to security level FIPS 140-1, level 3, from the National Institute of Standards and Technology, USA.