CubeOne™-Column Level Encryption Solution supporting Encrypted Index Search

CubeOne-WorldStar International JSC

What is CubeOne?

CubeOne™ has a unique structure that is suitable for application to the large-capacity DB, which stores important information (personal information). The creativity and technological prowess of the technology was proven as it was awarded NEP (New Excellent Product) and patents at home and abroad. In addition, unparalleled excellence was tested by many large-scale system development projects including SKT and Health Insurance Review & Assessment Service, and CubeOne™ customers are quite satisfied.

DBMS security intergrity of CubeOne?

Perfect key secrecy in which the data and key are not disclosed at the same time

CubeOne™ complies with the FIPS-140 standard, and is a safe product equipped with KLIB V.15 – encryption module verified by the National Intelligence Service. This product has a strong key management system that has no possibility of the data and key disclosure at the same time under any circumstances, as the plaintext key is not saved in the AP server disk. (Supported algorithms: ARIA, AES, SEED, TDES, DES, and SHA)

 
Standard of technical protective measures Conformance method
Encrypted saving of important personal information Encryption by column
Saving the access log of important personal information
in a separate storage device
Saving in CubeOne™ Secure Server
(saving in a server separated from the DB)
The access log of important personal information is saved in such way that forgery, Encrypted saving
(encrypted information cannot be forged or altered)
alteration, and damage can be prevented Performing access control Access control of encrypted columns
(satisfying the requirements together with network security devices)
The password and bio-information are encrypted in one direction before saving. Applying SHA-1/256/384/512 algorithm

CubeOne Structure

Hybrid type S/W that supports distributed processing

Several DB servers and AP servers can be managed by one CubeOne™ Manager Console for the security administrator in an integrated manner. As all jobs are processed automatically using the GUI, even a novice security administrator can manage the database without difficulty (separate on duty). In addition, CubeOne™ is hybrid-type software that can use the plug-in of the DB server and the API running in the AP server at the same time. As a result, CubeOne™ satisfies the requirement for the high performance of the API product and convenience of no plug-in product application modification at the same time. CubeOne™ is an epoch-making product that supports indexed search using the encrypted index, as the advanced index is used when the API is used.

CubeOne solution - World Star International JSC

CubeOne Peformance

Remarkable records in every BMT

CubeOne™ has been recording strong performance beyond compare in many large-scale BMTs. There are none of the performance degradation issues in CubeOne™ that appear in many existing products. Furthermore, we can see conspicuous performance enhancement after encryption, if the running DB is encrypted in real time without stopping it. This is an additive effect of the reorganization function provided by CubeOne™. And more importantly, performance degradation in OLTP is hardly recognizable.

CubeOne-World Star International JSC

Supporting outstanding concurrent session processing capability and perfect three-tier architecture.

CubeOne™ has been processing a large volume of concurrent transactions during the BMT and in actual operation environments without difficulty. In addition, CubeOne™ works perfect without any limitations when WAS and DB are connected via XA-Session in three-tier architecture.

CubeOne application area

Customer information (personal information encryption)

The customer information is saved in accordance with “the law and enforcement ordinance regarding the promotion of information and communication network utilization and protection of personal information (No. 21278)” and
“encryption guidelines” issued by the Ministry of Public Administration and Security. Passwords, resident registration numbers, and bank account numbers are encrypted.

Encrypting ERP (HRM) information

Unnecessary conflict between field departments and an IT team can be avoided by encrypting sensitive columns of HR information on organization members as well as important enterprise information (accounting, purchase, and sales information).

Encrypting drawings, videos, and scanned documents

If the LOB type encryption function is used, which is provided solely by CubeOne™ in the industry, there are many areas where encryption by CubeOne™ can be applied. Besides technical documents saved in the database, video and ID check documents that are scanned and stored can be encrypted regardless of their size.

CubeOne-World Star International JSC

This post is available in: enEnglish