English | 中文

Navigation

Contact Us

  • Contact:北京炼石网络技术有限公司
  • Phone:010-88459460
  • Address:北京市海淀区北三环西路32号楼7层0710-1
  • Zip Code:100097

Position: Products

Data Storage Encryption System

Product Overview

CipherGateway Data Storage Encryption System is a data security cryptographic product which can be deployed agilely, aimed at application system protection. Only configuration-level deployment is required to achieve database storage encryption for any specified field (to prevent internal IT personnel, external hackers, etc.), and by combining with the identity of the logged-in users to achieve dynamic desensitization and auditing(to prevent unauthorized access by internal staff)without any source code of the existing applications being re-coded.


Typical scenarios for the application of products include personal information protection for government and corporate customers, business secret protection for companies, cipher security assessment and rectification for the government, state-owned enterprises, financial and other industries, as well as data protection in military industry and confidential industry, etc. It can be protected against a single application or dozens of applications in batches. It also supports structured data such as sensitive fields and unstructured data such as document files.

Personal Information Protection
Business Secret Protection
Commercial cryptography compliance upgrade

Product Functions

Data Discovery Metadata extraction, data scanning discovery (such as personal information)
Data EncryptionField or document-level encryption, anti-bypass security mechanism
Access ControlAttribute/role-based access control, rich data desensitization strategy
Behavior AuditLog tamper-proof audit data access control

Product Advantages

Agile deployment without re-developing and transforming existing applicationsThere is no need to re-develop the application, nor need to adapt the databases. Agile deployment can be achieved by modifying the configuration in the application.
Integrate data usage scenarios into fine-grained encryption protectionCipherGateway’s products provide “subject to user in the application, object to field level" security protection capability, combining user identity and field or document level data in the application to provide fine-grained security control. By setting encryption and decryption strategies, different encryption algorithms and keys can be chosen for different rows and columns of database, to minimize authorization for the access to sensitive data for internal personnel.
Integrate cryptography with access control and audit trail to prevent threats while protecting data securityBy combining data encryption with access control, auditing and other technologies, CipherGateway’s products can create an anti-bypass data protection system. By applying access control strategies at encryption and decryption anchors, an anti-bypass data protection mechanism can be built, which supports traceable and tamper-proof behavior audits, and ensures that the subject of each log is traced back to the person.
Excellent cryptography engineering abilityCipherGateway’s products support SM algorithms and international algorithms at the same time, support FPE based on SM4 algorithm of fields such as mobile phone number, certificate number, and email address. The speed of SM4 encryption and decryption on a single CPU exceeds 140Gbps, and it only takes 20 seconds to encrypt 1 billion mobile phone numbers (that is 50 million pieces per second ) with a single CPU, which has no impact on the user experience.

Deployment Diagrams

产品特点

Support Multiple Databases Supported includes but not limited to Oracle, MySQL, SQL Server, PostgreSQL, MongoDB, NoSQL , DB2 etc and domestic databases such as Dameng etc.It supports various data warehouses and distributed data storage services.
Support Multiple Data TypesCHAR, VARCHAR, VARCHAR2, LOB are supported, the type of int/Number is partially supported.
User-level ControlThe subject of access control can be refined to users, and users’ identity can be combined to perform access audit on sensitive data.
Field-level encryptionThe administrator can set encryption, desensitization strategies through the interface, and the control granularity can reach the table level, column level, and even row level of the database.
Meet compliance requirementsBuilt-in national secret encryption card, supports SM1, SM2, SM3, SM4 and other national secret series algorithms as well as domestic hardware and domestic operating system.
Flexible deployment has no impact on businessThe application system does not need to be modified, the old and new systems can be deployed quickly,large-Scale deployment is supported.
Get the product white paper now

CipherGateway 致力于让数据共享更安全、更有价值 针对您的业务场景,我们会推荐更专业、更有价值的解决方案和产品。 期待您的联系。 010-88459460 申请免费试用