| Archive system for significant information using cloud computing |
>Japanese
By distributed archive of important digital data over multiple cloud computing systems, you can use cloud computing at ease without concerning risks.
|
 |
 |
|
Enterprises and local governments are obligated to manage their significant sensitive information and personal information not to be destroyed or lost. In order to take all possible measures to ensure information security, they have to install and operate secure server environments such as Internet data centers. It entails enormous cost for them.
In response, cloud computing have drawn people's attention because cloud computing systems allow them to use application software and computer resources through the Internet as needed. Cloud computing for centeral government and local governments are also planned.
But cloud computing users do not have measures to prevent risks such as service suspension due to cloud computing service provider or the divulgence of confidential information. That is why there are not many cases of cloud computing as a storage for important data.
”Problems in using cloud computing”
*Concerns over leaving controls of important secret data to opaque cloud computing resources
In order to store digital data safely, is it OK only to encrypt digital data?
・You have to manage encryption keys used for each file.
・You have to take countermeasures against divulgence of encrypted data.
・In case of compromise of encryption algorithms you used, you need to migrate safer encryption algorithms rapidly.
|
|
“Solutions”
#Concept
・To change digital data into meaningless data that cause no problems even if divulged.
・To switch object of management from digital data to IC card.
・To replace archival place of digital data.
#Methods
・Divide digital data into three (or more) fragments.
・Each fragment of the data is enciphered using key table retrieved from the IC card.
・Each encrypted fragment of the data is duplicated and distributed to their respective archive servers.
#Effects
・Because each fragment of the data has no means, it is secure even in case of divulgence.
・Inexpensive management cost.
・It provides strong disaster-resistance.
|
|
“Elemental technology”
*Implementation image of file division and distributed archive
-conceptual diagram-
|
|
 |
|
*An example of file division and file encryption
|
|
 |
|
“brief overview of the service”
This service utilizes our digital data distributed archival system called “TranC’ertDNA”.
“TranC'ertDNA” divides and encrypts digital data, then “TranC’ertDNA” stores encrypted fragments of the data to multiple storage servers. For example a file is divided into fragment files “A”, “B” and “C”. These fragment files are stored in three archive servers in such configuration that one archive server stores fragment files “A” and “B”, another archive server stores fragment files “A” and “C”, and the third archive server stores fragment files “B” and “C”. Therefore even if an archival server divulges its fragment files, no one can reconstruct original data file. On the other hand, even one archive server is out of order by disaster, the original data file can be restored from two other archive servers. By this feature, you can construct secure and robust data management system.
Digital Media Research Institute, Inc. will provide consulting support for installing this cloud computing service.
|
|
“Feature of the service”
*Reduce TCO for servers by using cloud computing
Data dividing server and distributed archive servers are installed as instances on cloud computing, therefore user can reduce TCO for servers, and they can construct secure data storage system at low cost. Selecting archive servers installed in the region that is associated with a small risk of natural disasters upcountry, brings strong and cost-effective disaster-resistance.
*Can be easily introduced
Just putting a SCM Microsystems’ @MAXX lite secure smart card reader into your PC, you can use TranC’ertDNA easily.
|
|
|
(*) @MAXXTMlite is a secure smart card reader that support ID000(SIM) form factor IC card and compliant with ISO/IEC 7816. @MAXX lite provides fixed memory space, along with smart card based security and functionality. In combination with a SIM-sized dual interface smart card and its built-in antenna connected to C4 and C8, @MAXX lite is able to act as a contactless token.
|
|
>Japanese
|
|
情報セキュリティ
物理セキュリティ
