
SecretAgent Document Access Server™

Overview

Complementing SecretAgent 5.9, the latest release of ISC's leading file encryption utility, DAS allows sensitive documents to be securely shared among the frequently changing members of one or more "Communities of Interest" (CoIs).

When a user attempts to decrypt an archive owned by (i.e., encrypted for) a particular CoI, their SecretAgent client automatically establishes a TLS-secured session with the appropriate DAS webserver. DAS accepts the decryption request from the client and applies one of several configurable authentication mechanisms to check the user's membership in that CoI.



If DAS determines that the user is currently a CoI member, it processes the request and returns a document decryption key to the client; otherwise, the request is denied. (A document might be encrypted for a number of ordinary recipients as well as a set of CoIs, so the above process might be repeated until either a CoI membership test is passed or the user is found to possess the private key of one of the ordinary recipients.) If a document has been encrypted for more than one CoI, a user need only be a member of one of them to decrypt that document.

SecretAgent DAS provides a web-based administrative interface for all system configuration, key management, and CoI maintenance tasks. Administrators can easily grant or deny users access to large numbers of sensitive files using centrally-managed CoI membership rosters based on DAS' own integrated certificate database or an organization's existing LDAP repository.

“SecretAgent DAS provides a solution to a mission critical problem encountered by a wide range of organizations,” said ISC President Thomas J. Venn. “Once sensitive files have been encrypted for a group, DAS ensures that those files can only be decrypted by current members of that group. Use of such a server-mediated decryption process means that no wholesale re-keying of documents is required each time a group membership roster changes.”
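A minimal sketch of the server-mediated flow described above, added here as an illustration and not ISC's code or protocol. `AccessServer`, `make_header` and `recover_key` are hypothetical names, the user id is assumed to be already authenticated, and an HMAC-derived pad stands in for real key wrapping.

```python
import hashlib
import hmac
import secrets

def _pad(key: bytes, doc_id: str) -> bytes:
    # PRF output used as a pad: a stand-in for a real key-wrap algorithm.
    # Assumes doc_id is unique per document; gives no integrity protection.
    return hmac.new(key, doc_id.encode(), hashlib.sha256).digest()

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class AccessServer:
    """Hypothetical server side: holds CoI keys and membership rosters."""
    def __init__(self):
        self.coi_keys = {}   # CoI name -> secret key, never leaves the server
        self.rosters = {}    # CoI name -> set of current member ids

    def create_coi(self, name, members):
        self.coi_keys[name] = secrets.token_bytes(32)
        self.rosters[name] = set(members)

    def wrap(self, coi, doc_id, doc_key):
        return _xor(doc_key, _pad(self.coi_keys[coi], doc_id))

    def request_key(self, user, coi, doc_id, wrapped):
        # Membership is checked against the roster as it is at request
        # time, not as it was when the document was encrypted.
        if user not in self.rosters.get(coi, set()):
            return None
        return _xor(wrapped, _pad(self.coi_keys[coi], doc_id))

def make_header(server, doc_id, doc_key, cois, recipient_keys):
    # One wrapped copy of the document key per ordinary recipient and per CoI.
    return {"doc_id": doc_id,
            "recipients": {n: _xor(doc_key, _pad(k, doc_id)) for n, k in recipient_keys.items()},
            "cois": {c: server.wrap(c, doc_id, doc_key) for c in cois}}

def recover_key(server, header, user, own_key=None):
    doc_id = header["doc_id"]
    if own_key is not None and user in header["recipients"]:
        return _xor(header["recipients"][user], _pad(own_key, doc_id))
    for coi, wrapped in header["cois"].items():   # any one CoI is enough
        key = server.request_key(user, coi, doc_id, wrapped)
        if key is not None:
            return key
    return None
```

Because the header never changes, removing a user from a roster cuts off access to every document encrypted for that CoI, and adding one grants it, without touching the documents themselves.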

A network-attached hardware security module (HSM) may be used by one or more DAS servers to protect their system keys. The HSM may be directly connected over the network to the DAS servers, or indirectly connected via an optional proxy server.
