Infosystems Technology, Inc. | Innovations in Trusted Databases

Infosystems Technology, Inc. (ITI) is a developer of high assurance database software targeted at those customers and environments that require high integrity and secure access of mission critical data, e.g., defense, intelligence, e-commerce, healthcare, and financial services. ITI has been at the forefront of research on advanced security technologies for over 20 years and has moved the results of that research into Trusted RUBIX, its flagship database management system.

Trusted RUBIX is a Common Criteria EAL-4 certified database management system with advanced security features including multilevel security, type enforcement (SELinux only), attribute based access control (ABAC), and role based access control. Trusted RUBIX fully integrates with the security mechanisms of the underlying trusted operating system. Trusted RUBIX has been constructed "from the ground up" using a minimized-trust reference monitor technique and the principles of modularity and layering which are critical in high assurance systems.

Serious threats, vulnerabilities, and risks to data that affect national security, personal privacy, and commercial enterprises have created an awareness of the need for data security. Both government and industry recognize security as an issue of strategic importance. Reports of computer attacks have been well publicized. Disgruntled employees have destroyed data, and clever hackers have stolen passwords and accessed files unlawfully. As organizations place increasing importance on data stored or managed on the computer, there is ever-greater concern for the security of that data.

Not too long ago, critical data was kept under lock and key, usually within proprietary systems that were only accessible to select company employees. However, competitive advantage goes to those companies that open their data to as many end-users as possible. Companies are leveraging previously inaccessible data to support business partners, e-commerce initiatives, business intelligence and analytics, and mobile and wireless data access.

Along with the opportunities that come with Web-enabled openness, of course, comes increased risk. Grievous losses of proprietary information have already occurred as a result of outside breaches. Internal violations are just as much of a problem as external threats to databases. While popular network security tools such as firewalls may offer some protection against outside intrusions, they provide no protection from inside security breaches. There are innumerable cases of disgruntled employees that have destroyed data.

Most organizations do not adequately address the security gaps that enable malicious hacking and data theft by insiders and outsiders. In fact, most commercially available software packages - both operating systems and database management systems - are not properly configured to provide robust, trusted security that will protect valuable corporate data.

Many organizations assume that security can be ensured with features within operating systems or relational database management systems. However, protection at one layer offers no protection at another layer. Plus, most commercially available operating systems and databases do not meet criteria for trusted security.

Click on the subjects at the left to learn more about how Trusted RUBIX can secure your critical data.