RDBMS Security Integrity of CubeOne
Perfect key secrecy in which the data and key are not disclosed at the same time
CubeOne has a strong key management system that has no possibility of the data and key disclosure at the same time under any circumstances, as the plaintext key is not saved in the AP server disk. CubeOne complies with the FIPS-140 standard, and is a safe product equipped with KLIB V.15 – encryption module verified by the National Intelligence Service. (Supported algorithms: AES, TDES, SHA, etc.)
Hybrid Type S/W that supports distributed processing
Several DB servers and AP servers can be managed by one CubeOne Manager Console for the security administrator in an integrated manner. As all jobs are processed automatically using the GUI, even a novice security administrator can manage the database without difficulty (separate on duty). In addition, CubeOne is hybrid-type software that can use the plug-in of the DB server and the API running in the AP server at the same time. As a result, CubeOne satisfies the requirement for the high performance of the API product and convenience of no plug-in product application modification at the same time. CubeOne is an epoch-making product that supports indexed search using the encrypted index, as the advanced index is used when the API is used.
Securing Real Application Independence
As The CubeOne Plug-in is independent from the application, application developers and managers don't have to worry about the encryption. That is, users can use the existing SQL statement without alteration. In particular, as CubeOne manages dependency related jobs (e.g., trigger) on behalf of the DB administrator, no additional manual work is required.
Other New Technologies That are a Step Ahead
CubeOne is full of other diverse functions that are not available in competitors' products, including the dual mode implemented first in the industry, based on actual development experience; additional encryption without decryption; real-time synchronization that applies encryption to connected sessions immediately; multiple monitoring console; triple-depth password encryption; detection and control of the changed password and application name.
Best Operability and Fault-tolerance Structure
CubeOne API and Plug-in provide architectures that ensure normal operation even if all daemon processes are faulty. In addition, a key distribution server (Security Server) is provided so that the key loaded into the DB and App server can be automatically loaded at the time of re-startup for the purpose of confidentiality. Owing to this architecture, the fault-tolerance feature of CubeOne is the best in the industry.
Supporting The Indexed Search Function using The Encrypted Index
CubeOne is the only product that completely supports table and index encryption, and allows index search using this encrypted index (patent is registered). Once encrypted by CubeOne, there is no serious performance degradation due to full table scan.
Conformance Method to comply Standard of Technical Protective Measures
Encrypted saving of important personal information
Saving the access log of important personal information in a separate storage device
The access log of important personal information is saved in such way that forgery, alteration, and damage can be prevented Performing access control
The password and bio-information are encrypted in one direction before saving.
Encryption by column
Saving in CubeOne Secure Server (saving in a server separated from the DB)
Encrypted saving (encrypted information cannot be forged or altered)
Access control of encrypted columns (satisfying the requirements together with network security devices)
Applying SHA-1/256/384/512 algorithm
Remarkable Records in Every BMT
CubeOne has been recording strong performance beyond compare in many large-scale BMTs. There are none of the performance degradation issues in CubeOne that appear in many existing products. Furthermore, we can see conspicuous performance enhancement after encryption, if the running DB is encrypted in real time without stopping it. This is an additive effect of the reorganization function provided by CubeOne. And more importantly, performance degradation in OLTP is hardly recognizable.
CubeOne Application Area
Customer Information (Personal Information Encryption)
Encrypting ERP (HRM) Information
Encrypting Drawings, Videos, and Scanned Documents