| Technical Solutions Detail |
Tricryption® Government Solution Areas

File Protection: On Servers, Desktops, Laptops or Tablets

Tricryption® may be deployed to protect any type of file (PDF, Excel, Word, images, audio, signal, etc.) stored throughout the government enterprise. Each file is encrypted with its own unique key. These keys are stored centrally in a key database maintained by the organization. With Tricryption®, all sensitive files may be protected from equipment loss, theft, or network breach. In addition, this technology allows secure sharing of files among authorized users, auditing, and real-time access revocation. To the user, the file encryption, key controls and access management are transparent, alleviating work disruption and the need for user training.

Database Encryption:

Integration of Tricryption® into government applications and databases allows a user application to selectively apply the appropriate encryption policy necessary to safeguard sensitive information (e.g. classified data, Personally Identifiable Information [PII], source information, government internal data, etc.). Tricryption's® capability provides for a very granular level of encryption, down to the field level, allowing the use of one key per field, or one key per record. Such granularity increases the security of databases and prevents even trusted employees (database programmers, administrators, backup operators) from viewing sensitive information content.

De-identification and Anonymization of Records within a Database:

Government relational databases may contain multiple tables joined and linked to each other. This enables a record in one table to be linked to one or more records in other transaction tables. This capability allows navigation between various types of data and their characteristics and attributes.

With Tricryption® based de-identification, the relationship between tables will be encrypted, rendering the link between data and sensitive detail/descriptive information accessible only to authorized individuals. For all intents and purposes, this technology renders all data in the database anonymous. A formal anonymization capability also may be implemented that involves a third-party agent that may exchange sensitive data records with fully cryptographic aliases or pseudonyms. These aliases provide unique anonymous identification for the data records and allow authorized users to re-associate the sensitive information. While anonymized, the sensitive data is encrypted and secured in a database at the anonymizing agent and is accessible to only those users the data owners designate. There is no local or network administrator access.

Executable Encryption:

Tricryption® may be deployed for securing executables from inappropriate access. The encrypted applications and executables run without negative performance impacts. Like all Tricryption® solutions, accessibility may be restricted to only those authorized, and controls may be maintained by the executable owner dynamically. By encrypting executables, protection of application functions, access to capabilities, and security of intellectual property are maintained.

Mobile System Encryption: Laptops and Mobile Devices

Tricryption® secures files on networked workstations, servers, and mainframes. The solution also extends to mobile systems, including laptops and mobile devices (Windows Mobile). The ability to support laptops in a network-tethered or autonomous mode while maintaining file-level security and auditability should be of interest to government organizations desiring control of their transient information and files.
Transparent Key Management Supported
Operating Environments
Tricryption KeyServer | ||||||
| XP 2003 2000 | Kernel 2.6 RHE4 SLES 10 X86 ItaniumII | Solaris 9 Solaris 10 Sparc X86 | 5.x X86 6 Beta | 11i X86 ItaniumII |



