StrongAuth, Inc. announced the general availability of the StrongKey CryptoEngineTM, an open-source Java library/web-service that helps software developers leverage cloud-storage by automatically encrypting files and transferring them to public cloud storage services such as Amazon's S3, Microsoft's Azure and Eucalyptus Walrusm with minimal programming effort. The free software is available for immediate downloads.
The StrongAuth CryptoEngineTM includes the following features:
• Encrypts and decrypts files by calling the library's functions when embedded within Java applications or when calling a web-service from any application; the files may be of any type and size;
• Automatically generates an encryption key based on NIST-approved algorithms and defined policies, and escrowing the key with the StrongAuth KeyApplianceTM for key-management;
• Leverages Public Clouds for storing the encrypted data; the product supports the use of Amazon's S3, Microsoft's Azure and Eucalyptus Walrus;
• Saves encrypted files in the W3C XMLEncryption standard format, making it completely portable across platforms;
• Integrates to existing identity management systems, such as Active Directory or other LDAP-based identity management systems; and
• A command-line-based tool to enable immediate use of the library to encrypt, decrypt and move files to public clouds.
StrongAuth announced the CryptoEngineTM, with its unprecedented blend of features, is available at no cost, in source andbinary form, at SourceForge (http://sourceforge.net/projects/skce/). More information on the CryptoEngineTM can be found at
“Cloud-computing and cloud-storage have the ability to transform the IT landscape dramatically. However, the obligation to protect sensitive data does not diminish with cloud-computing or storage.” said Arshad Noor, CTO of StrongAuth. “We created the world's first integrated encryption, tokenization and key-management appliance in January 2010 to manage sensitive data and keys on a very large scale. With the release of the CryptoEngineTM, we've delivered another major component of our Regulatory Compliant Cloud Computing (RC3) architecture (http://www.strongauth.com/pdf/RC3-WebAppArch-1.2-2.pdf): the ability to leverage public-clouds to secure sensitive data while proving compliance to datasecurity regulations!”.
Since the state of California first passed a Breach Disclosure law – also known as Senate Bill 1386 – in 2003, more than 2700 breaches to sensitive data have been disclosed that have affected more than 540 Million sensitive data-records, according to www.privacyrights.org. Retail merchants such as TJX have paid out more than $115M in fines and settlements for a single data-breach that exposed 45M consumers' credit card numbers, while Heartland Payment Systems' breach of 130M recordscaused it to pay more than $110M for settlements.
Security regulations have consequently focused on data-protection through the use of encryption. When implemented properly, encryption has the ability to secure data; however, the challenge has always been with the protection and management of the cryptographic keys responsible for decrypting sensitive data. Leveraging the advanced key-management features of StrongAuth's KeyApplianceTM users of the CryptoEngineTM will be able to take advantage of public-clouds without violating regulations such as PCI-DSS and HIPAA.
About StrongAuth, Inc.
StrongAuth is the leader in Enterprise Key Management Infrastructure, bringing new levels of capability and data security at a price point significantly lower than other solutions on the market. Providing solutions in Symmetric Key Management and PKI, StrongAuth is focused on securing data in the areas of Cloud Computing, E-Commerce, Healthcare, Finance and other sectors mandating protection of sensitive data. StrongAuth's solutions are installed at customer sites around the world and are key components of mission-critical business operations. More information on StrongAuth and its products can be found at http://www.strongauth.com.