With the Virtru Data Protection Platform, you can quickly integrate security and privacy for any data type—such as files, emails, structured or unstructured data—produced or consumed by your applications and connected devices. Whether you are building web or mobile applications, IoT or ML projects, sensitive data can be encrypted and protected even when disseminated into untrusted environments.
The Trusted Data Format (TDF) serves as the foundation for the Virtru Data Protection Platform, which simplifies data-level protection across systems and data types. Importantly, data owners maintain the ability to revoke, audit, and track the data even after it leaves their system. The Virtru SDK makes it easy to create TDFs and is interoperable across environments—including multi-cloud environments—so there are no vendor lock-in or infrastructure constraints.
In a few lines of code, developers can use the Virtru SDK to encrypt any data using the TDF format within an application or as it leaves their application. TDF cryptographically binds together:
- The payload (data to be encrypted)
- Encryption keys (per object)
- Access control policy
Importantly, TDF and the Virtru SDK allow developers to configure the access policy on the data as they wish. This can be based on any range of criteria, such as users, group membership, time, etc.
The data is now “self protecting” so you can send it anywhere. With the TDF protective wrapper traveling with the data, the data basically self protects by persisting encryption with the data wherever it goes.
Authenticated systems / individuals will be requesting access over time. With each access request, new entries appear on the audit log. For instance, if you allowed re-sharing, this will appear in the audit logs and Control Center. If unauthorized access is attempted, the audit logs will show that as well. The audit log provides persistent insights into who accesses, or attempts to access, the data - where, when, and over time.
TDF and Virtru allow access policy changes over time, including by individuals, devices, or by geography, as your requirements change. Revocation is the most dramatic and impactful control, and visually demonstrates your full data control capabilities.
The architecture diagram below details how the SDKs, Key Management Infrastructure, Policy Management via Control Center and the Trusted Data Format (TDF) combine to help you customize security and privacy into your applications.
As mentioned above, TDF provides the foundation for the entire Virtru Data Protection Platform. Created by Virtru Co-Founder and CTO, Will Ackerly, TDF is an open data format that provides a protective wrapper that travels with data. When invoked, Virtru SDKs ensure that all your objects (files, emails, etc) are encrypted, policy bound and persist as Trusted Data Format files. Once your objects are in TDF format, they can be shared or stored freely by your application. See our TDF overview to dive deeper into how it works.
The Virtru SDK helps developers create TDFs within existing systems so organizations can reap the benefits of data protection and secure sharing. The Virtru SDK facilitates key management and access policies, including multiple access policies within specific files and retrieving user entitlements through streamlined communication with the policy server. Policy management is no longer the enemy but becomes simplified and evolves as access privileges evolve over time. Users can apply multiple classifications and access policies within a specific file, ensuring recipients can only view the portions that adhere to their access privileges.
Virtru Control Center is an administrative dashboard that allows admins to set, enforce, audit and revoke all key access requests, and thus all data requests. Admins also use Control Center to define policies, manage users and revoke access.
Virtru SDKs use Virtru's Key Management Infrastructure by default. Virtru's Key Management Infrastructure is based on Attribute-Based Access Controls (ABAC) and contains services necessary to host, secure, and control the access of the encryption keys. The Virtru Key and Policy Management Infrastructure stores and retrieves keys as well as the policies associated with the keys. This highly scalable and secure infrastructure acts as a backend for KAS.
The KAS acts as a Policy Decision Point (PDP). KAS decides whether an entity has the privilege to decrypt an object—like a file or email—or not. KAS makes this decision based on both an object’s access requirements as well as user privileges. If the user meets the access requirements, the decryption key is returned to the client. If not, access is denied.
EAS provides Identity Management services and returns the attributes associated with an authenticated user. These attributes are used by KAS to make key access decisions. EAS supports Federated Identities, thus ensuring that customers can apply their pre-existing identities (and attributes).
Virtru SDKs integrate existing identity standards such as OpenId, OAuth, and SAML, for user authentication. There is no need to recreate identity standards, expediting authentication and allowing you to work within your preferred identity standard. Our federated identity management simplifies authentication while maintaining the granular access controls to optimize security and privacy and prevent unauthorized data access.
By creating a security model focused on the data, the Virtru Data Protection Platform disrupts the decades-old network security paradigm to give data owners greater control. A combination of crypto, policy, and access management features provide robust protection that travels with data regardless of platform or system.
Done right, you’ll no longer need to trust the systems storing your data. With the Trusted Data Format (TDF) as the open format for data-level security protections, Virtru and TDF together enable a fundamental shift in security models. Instead of placing the numerous control requirements on any system storing your data, these same requirements are placed on the data so you can securely create or share data with specific access policies. Fundamentally, Virtru and the TDF together allow you to:
- Encrypt data to enforce policy.
- Let your data go anywhere.
- Grant or deny access inside and outside your environment.
- Audit access over time.
- Change policy as needed after dissemination.
Data remains protected not only within corporate sanctioned applications, but also as it travels across the range of platforms and services, including cloud-based apps and external partners.
Every object explicitly declares HOW it was encrypted, with what algorithms, key sizes, and modes. This enables maximum interoperability and future-proofing, to allow the application of the strongest crypto standards at any given time. As crypto standards evolve, it is easy to update and replace them without disrupting the underlying security model.
To protect confidentiality and integrity of data wherever it goes, TDF supports encryption of any size and type of payload (see TDF Overview for links to how the schema supports all scenarios) with support and use of the strongest encryption standards available.
Virtru apps and SDKs today implement the following symmetric algorithm and modes:
- AES-256-GCM (256-bit key Advanced Encryption Standard in Galois Counter Mode) (default)
- AES-256-CBC (256-bit key Advanced Encryption Standard in Cipher Block Chain) (deprecated)
Note: CBC is recommended for use only to read previously encrypted TDF objects.
Virtru apps and SDK universally implement RSA 2048 by default for maximum interoperability. Elliptic Curve Cryptography has been implemented, but deployed today in a limited fashion. If you have an interest in ECC-enabled TDF please reach out to our devs at [email protected] We’d love to work with you.
The latest TDF allows for the inclusion of explicit data integrity metadata. This is designed in particular to support:
- Very large file encryption and decryption: segmentInfo can contain encryption information for parts of files, enabling large files to be encrypted in smaller chunks, with encryption metadata (including integrity) of each chunk being stored in this element. A parent hash strategy against the whole ensures that no segment can be removed or re-ordered.
- Streaming data integrity: similar to large files, per segment validation allows only some of a given file to be downloaded and still be able to validate its integrity. This is crucial for performant viewing of streamed and/or large content where integrity is required.
Track and evolve policies over time with granular access privileges and audit features, even after data dissemination.
Access control policy can be either embedded within a TDF as a cryptographically-bound object independent of payload or remotely managed. This can take the form of a TDF Assertion, with or without payload encryption. For encrypted payloads, policy can be cryptographically bond to the payload key via HMAC (see TDF spec for details).
Policies can be created in almost any fashion via a flexible Attribute-Based Access Control model. This can include the use of data attributes like classification or authorities, or basic access control lists like email addresses. Please see our SDK documentation for more details.
TDF protocol and infrastructure enables logging every key request for reliable auditing and tracking of access requests. This provides an unprecedented ability to track who accesses what data, at what time, and where. The data audit can not only track by person, but also by location and device. Data can be bound to groups and individuals as well as to devices and locations.
The capabilities above can be composed, in particular when using Virtru SAAS key management, to give you the ultimate ability to evolve policy over time in sync with changing needs or based on observed threats in particular as surfaced by audit.
Check out Virtru SDKs
Check out our SDK and start implementing this security model today.
Updated 8 months ago