ZenithVault Enterprise


How does it work?

The ZenithVault Enterprise version offers access to the stored data for automated processes like recurring billing as well as access to the system owner based on token authentication designed with time limitations.

ZenithVault is a database which provides a universal CRUD API that can be integrated into any programming language within 5 minutes. The following programming languages are covered: Java, C#, Python and PHP. Please contact us for other languages as we will provide the libraries upon request, for free.

The information or data which you want to protect will be divided and separated onto at least 5 storage nodes. Each node will be running on a different operating system to avoid 0 day attacks. ZenithVault will run in at least 2 different environments (JVM and C#) for the same reason.

Each and every secret will have a unique identifier and a password associated to it. The password is also subject to dividing so that if an attacker manages to control one of the storage servers, they will not be able to use the password to request the other parts of the secret from the other nodes.

The password is unique for every secret and is known only by the secret owner. Storage nodes will not return the data back to the unsafe application unless the correct password is provided. This enterprise version allows the system owner to be able to access and edit the data from the nodes using a dedicated hardware token generator.

This allows one way data flow (the unsafe application only sends a billing request to the server slaves, never getting it back) and it also eases recurring billing. The administration can be done from a read only, security hardened, live CD operating system especially designed for this task.

It is virtually impossible for an attacker to be able to access 3 different servers, running 3 different operating systems with a single port open to only one IP, on 2 different platforms. This will be the safe environment you will create using 5 physical nodes, which is the minimal requirement (the other 2 nodes are used for partial redundancy).

The ZenithVault Enterprise version has fail-safe protection systems which offer a high availability of the cluster. Each storage node can safely fail as the system will only require 3 out of 5 servers to return the data. This configuration represents the minimum. You can employ any other configurations, such as: 10 servers with a minimum of 4 to be available.

ZenithVault Enterprise Data Flow

ZenithVault Enterprise also offers the ability to have a one way datum flow, so that even if the attackers will compromise a system the "unsafe" application will not be able to see the data being processed at that time. They will not be able to request data or sniff the request, since the system only sends out requests to the payment gateway.

Therefore the data cannot be requested back to the unsafe application. It will be forwarded to the payment gateway or depending on the application needs, returned back from a different node.

Compromised Analysis

A high protection level is achieved because client's vital information is divided among multiple servers which run different operating systems. If an attacker controls one of your servers the data they have access to will be useless because it is only a partial amount of information.

If this node is compromised, the attacker will only have access to the data that is getting sent out to ZenithVault. They will not have access to the data that is being requested, which means only half of sensitive data is being accessed. This is an extra layer of security beyond the Freeware Version.

The attacker would have to access ALL of the secret sharing nodes to gain access to the entire amount of the secret data. When you have more nodes you reduce the chances for this to happen. These nodes only accept connections on one port from the unsafe application. No other access to any other ports, IPs, computers or devices will be allowed. This means attackers could only gain access to them if they exploit the unsafe application and find a 0 day exploit for JVM or Python for the machines the application runs on. Even so, the attacker might not be able to access the system as only that port is opened to the public (if there are hardware firewalls they won't be able to open one and if there is a port getting opened, that is the signal that the server has been compromised). The chances to find 2 similar 0 day attacks for JVM and Python on multiple operating systems on the same day are extremely low.

It's quite impossible to gain unauthorized access to this machine since it only accepts incoming connections from the storage nodes. Even if such a situation were to occur, the attacker will only have access to the transactions being processed at that moment, not to the entire database.

Management Analysis

These nodes will only be allowed to receive a connection from the Management device, based on a perishable token generated by password generator (similar to e-banking password generators).

This workstation will run a read-only operating system, branded with your company name, running from a Live CD. This will ensure a fresh boot protection from viruses, backdoors and exploits. Every time you open this workstation, you will have a clean operating system. The administrator will have the ability to connect to the nodes using a token generator with passwords which are designed with time limitations. This physical device needs to be shut down at all time when not being in use. Other security mechanisms will be applied as well. However these will not be known or available to the public.

ZenithVault is vastly superior to simply storing the data in your database and encrypting it with the user's password. Why? Because encryption will not defend your information against the following types of attack:

  • The attacker downloads the encrypted data and then uses "brute force" until a reversal is achieved. Smaller data sets like credit card numbers can be cracked within minutes using for example; a powerful Amazon node.
  • By applying Luhn's algorithm the hashes can be collided on smaller data sets using brute force.

ZenithVault offers security against these attacks because it completely protects the data from brute force attacks. It will stop responding when a wrong password has been entered multiple times for the same secret ID. The system will completely lock itself when this process happens for multiple IDs over a short period of time.

ZenithVault allows you to physically distribute the servers in multiple geographical areas, datacenters, even continents, since the communication channel between the storage nodes and the unsafe application is encrypted.

The whole storage processes will happen in the background of the API. The e-commerce administrators will use a set of libraries provided by ZenithSecure so they can easily integrate the system in their site.