
Classified Information Protection 

Solutions based on cryptographic means and systems for the protection of information

We have been providing solutions for secure and trusted communication using cryptographic methods and systems to the public sector for decades.

Protection of sensitive and classified information by encryption is frequently only a part of an overall security solution which must ensure:

  • information confidentiality – information is only accessible to authorized persons, i.e. is protected against access by unauthorized persons who could potentially misuse it,
  • information integrity – information is protected against modification or incompleteness due to theft, loss or damage,
  • information authenticity – the origin of the information is clear and trustworthy; information demonstrably originates with a known, trustworthy person,
  • information availability – information must be available to authorized persons in real time and at the place, by means and in the form required by these persons,
  • information trustworthiness – information must be true and trustworthy based on its integrity and authenticity and its content must be verified by several independent, trustworthy sources.

Confidentiality and integrity of information are assured by encryption; the other functions of the solution are ensured by other components of the encryption system or its cooperating sub-systems.

Our security solutions are based on extensive experience and products of our technology partners secunet Security Networks AG Germany, Crypto AG Switzerland, Sectra Communications Sweden, PRIM'X Technologies France and others.

  • What means of cryptographic information protection are and what they are used for

    We live in an age of digitization and electronic communication, and the protection of electronic data and information has become an absolute necessity. Information carries extreme value for any organization: having the right information available at the right time, in the right place, in the right form and for the right people is an indispensable and decisive factor of the organization's success.

    Potential information leaks and the subsequent misuse of information may be fatal. There are many ways of protecting information in digital form. Encryption is one of the safest.

  • The value of encryption is directly proportional to the value of the information

    Simply put, encryption is the process of encoding information so that unauthorized persons cannot read or modify it. Encryption changes the form of the data and the new form can only be read by those who have access to a decoding key or possess tools and data allowing them to create a decoding key. At present, encryption is one of the most popular and effective methods of securing data used by organizations.

    The purpose of data encryption is the protection of confidential data and information in electronic format, stored in information/communication systems and transferred using the internet or other computer networks. The outdated DES (Data Encryption Standard) has been superseded by modern encryption algorithms which play a decisive role in the security of IT systems and communication.

  • The ABC of Cyber Security

    Encryption algorithms ensure the confidentiality of data and determine other key processes and elements which then form the cyber-security basis of any information/communication system, including authentication and authorization of communicating devices, applications or persons, ensuring the integrity of data and non-repudiation.

    Authentication is the verification of the origin of the message while authorization ensures that messages are delivered and decrypted only between authorized devices, software applications or authorized persons. Integrity provides proof that the content of the message has not been tampered with since the message was transmitted. Non-repudiation provides assurance that the message was transmitted by an identifiable sender who cannot dispute having sent the message. Encryption, however, provides neither availability nor trustworthiness of the data or information protected by encryption.

  • The process of data encryption

    The two most frequently used encryption methods are asymmetrical encryption, also known as public key encryption, and symmetrical encryption.

    Symmetrical and asymmetrical encryption are often used in combination. The source text is encrypted using a symmetrical cypher with a randomly generated symmetrical key. This symmetrical key is then encrypted using a public key of an asymmetrical cypher and delivered, together with the encrypted data, to the specified recipient. The data can only be deciphered by the holder of the private key to the asymmetrical cypher used.

  • Symmetrical Encryption

    Symmetrical encryption is a method in which the keys used to encrypt and decrypt data are identical. For symmetrical encryption the sender and the recipient must first agree on a key which they will use, or on the encryption parameters and method which will allow both the recipient and the sender to create identical keys. If the same key is used for a longer period, the risk arises that after some time another person may decode the information protected by the encryption using sufficiently powerful computing technology and knowledge of the encryption method. The advantage of symmetrical cryptography is that it requires less computing power for both encryption and decryption, which means higher speed of encrypting and decrypting, and a reduced delay caused by the encryption and decryption on cryptographic devices. This leads to a high throughput of the communication link secured by the cryptographic means.

  • Asymmetrical Encryption

    Asymmetrical encryption uses a pair of keys, public and private. The public key is used to encrypt the message and may be shared with anyone. The private key is used to decrypt the message, hence it must be protected. Asymmetrical encryption requires high computing power of both the encrypting and decrypting device, which leads to a relatively large delay caused by the process of encryption and decryption on cryptographic devices. This encryption method is therefore not suitable for securing communication links or communication services which require fast data transfer with a short lag for real-time communications. Another disadvantage of asymmetrical encryption is the method of creating the public key: unlike the symmetrical encryption method, it does not allow keys to be created without the need for transmitting a key to the other party.

  • Protection of data over its life-cycle

    Data and information which need to be kept confidential and protected from unauthorized persons must be protected at every stage of their life-cycle. There are basically three stages: at rest, in motion and in use. Data at rest is the data not being used or processed at the moment, resting on corporate servers, work stations, in repositories or on storage media. Such data is usually stored on a hard drive in digital format and must be protected by encryption using cryptographic means applied to the whole hard drive or its partitions.

    Data in motion is the data and information which is being transferred in an information/communications system or between systems, between trusted partners, between workstations and central repositories or transmitted to storage media during recording or backup. In this case the data and information can be protected using line (L1), data (L2) or network (L3) encrypters allowing different transfer speeds.

    The last category is data in use. This is sensitive data which is being used or processed, located usually in the operating memory of servers or workstations. Its security can be guaranteed by thorough specification and monitoring of access rights to such data by particular software applications and/or authorized persons.

  • Use of encryption in practice

    Protection of data and information in electronic form by encryption has become an integral part of our life even though we frequently take it for granted. For us, users of information and communication systems, encryption and decryption is completely transparent. The whole banking system is based on cryptographic data protection. In the age of online transactions using internet banking or bank cards the banks need to build the best possible data protection systems for their clients. Encryption of the highest standard is used with all digital transactions and files. Encryption protects all banking transactions as well as the banks' communication, protecting the clients against misuse of their personal data and payment information.

    Other areas where the need for data protection is high are the armed forces and various military authorities and organizations which collect, process and store information on military operations or international missions. This information frequently affects national or international security and it has to be protected by special cryptographic data protection means certified by the appropriate security authorities for the intended purpose.

  • Electronic signature in practice

    Few people realize that even the electronic signature used in the Slovak eGovernment system is encrypted. The encryption key and a qualified certificate are stored in the chip of the ID card and are used to create a personal electronic signature which allows citizens to perform legal acts online. Data encryption can be used to verify the identity of citizens and protect their data at the same time. Electronic public administration systems are being introduced all over the world and require similarly high levels of security.

    Cyber security experts consider encryption to be the most reliable means of data protection. The goal of cyber security is to protect the data of users of information and communication systems against cyber attacks which become more numerous with every year.

  • Secure Inter-Networking Architecture (SINA)

    SINA is a solution which enables secure communication of computers connected to the network. The system is based on encrypted tunnels, called VPNs (Virtual Private Networks), between the communicating devices. SINA is more than just an encryption-secured communication system; it is a complete, secure, information/communication architecture with integrated security elements on various levels of the ISO/OSI communication model, including digital authentication and authorization of devices and persons using the SINA, security policies and encryption.

    The SINA system consists of several products which integrate encryption and VPN but are also used for secure processing, storage, transfer and verification of classified and other sensitive information. The SINA system offers scalable solutions aimed at national, international and supranational infrastructures with certification of international security authorities for levels of up to EU SECRET and NATO SECRET.

  • SINA Workstation

    SINA Workstation is one of the products of secunet Security Networks AG (Germany). It offers a high level of protection while working in a virtual environment anywhere, anytime. Data and applications are accessible in a secure manner and without restrictions. Access is not limited by available storage space or type of unsecured internet connection.

    The end-to-end encryption methods implemented in the SINA are capable of protecting classified documents and sensitive data at every stage of their life-cycle and for any type of user connection to the network. SINA offers a unique solution at a time when employees work remotely on a regular basis.