Security

The confidentiality, ownership, control and authenticity of data ultimately relies on the security of cryptographic keys such as encryption keys or private signature keys. The compromise or loss of such keys can divulge private data, destroy trust, corrupt the system, allow unauthorised access or lead to false representations.

The secure storage of cryptographic keys and other security values is therefore of vital importance. In software environments, where dedicated hardware is not readily available or accessible, security is normally reliant on the Operating System. SEAcurIT‑e® presents a more advanced and better way of doing things. It tackles the threat of data breaches and exposure of sensitive or confidential data by massively strengthening the protection and security of cryptographic keys and other important security data. SEAcurIT‑e® provides next generation security that is applicable to both traditional and emerging security applications.

A device or service may be compromised and security related information subject to analysis or attacks such as exhaustive (or brute force) search with the intent to derive security values or to remove any security protection. SEAcurIT‑e® ensures such breaches do not lead to the compromise of stored keys. More specifically, it is computationally infeasible for any party or system component other than the intended user to gain any knowledge of stored keys or other protected security values irrespective of the quality of user-supplied values such as passwords.

This ensures that it is not possible to derive any information about stored cryptographic keys or other security values by analysing the contents of the device, giving a substantial additional layer of security over standard storage methods.

There is no concentration of security and trust in any one part of the system, and consequently no single point of failure. Issues resulting from poor or weak password choices are also overcome.

The system is highly resilient, and a user's SEAcurIT‑e® components may be updated or refreshed at any time without necessitating an update of the user's managed security values or password.