  FAQ - Technical Questions



How is the content of a personal data space structured and defined?
How are individual objects defined?
Are individual objects encrypted separately?
Which is the algorithm used for encryption?
Where are the encryption keys held?
How does idDOON ensure the integrity of the data stored?





How is the content of a personal data space structured and defined?

A personal data space resembles the familiar tree structure of a file system, with directories and sub-directories. From the server's point of view there are no restrictions on the structure, nesting or naming of directories.


How are individual objects defined?

The CipherMe data space can store any kind of data object. It is up to the end-user application to define and use the appropriate types and structure of data objects.

The most common, however, are files in eXtensible Markup Language (XML) format, used for management purposes such as digital signatures and for data stored by dedicated CipherMe applications. As with the storage space structures, CipherMe provides reference definitions and guidelines for such objects to ensure interoperability between applications. The XML templates they contain are often the joint work of many parties, mostly professionals in the application area concerned and actively involved application developers.


Are individual objects encrypted separately?

Yes. Each object within a data space provided by idDOON is encrypted separately with its own symmetric key. That object key is in turn encrypted with an asymmetric public key: yours, and that of any other party you authorise to read the object. Your own key pair is generated during the subscription process.

This means that an attacker who wants to read any single object has to break the key of that one object; each such attempt would take an impractical amount of time and computing resources and would yield only a single data item. The separation limits the damage if one object key is ever exposed. It does not lessen the importance of your private key, which unwraps every object key issued to you and must be guarded accordingly.

The exception to this one-key-per-object rule is made for convenience: the owner of the data space may place his or her own access rights on a selected directory rather than on individual objects. All objects within such a directory are then encrypted with the same key, so exposure of that key exposes the whole directory rather than a single object. Third-party access rights within the directory are still controlled on an individual object basis.


Which is the algorithm used for encryption?

idDOON uses the Rijndael block cipher, which the US National Institute of Standards and Technology (NIST) selected as the Advanced Encryption Standard (AES), published as FIPS 197 in 2001 and in force since 2002. AES fixes Rijndael's block size at 128 bits and allows keys of 128, 192 or 256 bits. Rijndael is a symmetric-key block cipher named after its creators, the Belgian cryptographers Joan Daemen and Vincent Rijmen.

As of 2006 no practical attack on the Rijndael cipher had been found, and the attacks published since then remain far from practical. In practice the protection of stored data depends as much on the key length, on the mode of operation in which the cipher is used, and on how the keys are handled (see below) as on the cipher itself.


Where are the encryption keys held?

Encryption keys are held inside objects called licenses. A license carries the key of one encrypted data object for one party: for each party allowed to access a particular object there is a separate license, containing that object's symmetric key encrypted with the party's public key, so that only the holder of the matching private key can recover it.
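The one-key-per-object and one-license-per-party model described in the two answers above ("Are individual objects encrypted separately?" and this one), as an added example in Go. This is illustration code, not idDOON's or CipherMe's own: each object gets its own AES-256 key used in GCM mode, and that key is wrapped with RSA-OAEP under the public key of every authorised party into a license stored beside the ciphertext. The key sizes, the GCM mode, the use of the object path as authenticated data and OAEP label, and the names Party, EncryptedObject, NewObjectKey, EncryptObject and DecryptObject are all assumptions made here; the page does not state them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Party is a subscriber (owner or third party) with the key pair generated at
// subscription. Hypothetical type, not idDOON's own.
type Party struct {
	Name string
	Priv *rsa.PrivateKey
}

// NewParty generates a 2048-bit RSA key pair (assumed size) for a party.
func NewParty(name string) (*Party, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Party{Name: name, Priv: priv}, nil
}

// EncryptedObject is what the server stores: the AES-GCM ciphertext and one
// license per authorised party (the object key wrapped with that party's
// public key). The server never holds a plain key.
type EncryptedObject struct {
	Path       string
	Nonce      []byte
	Ciphertext []byte
	Licenses   map[string][]byte // party name -> RSA-OAEP wrapped object key
}

// NewObjectKey returns a fresh random 256-bit AES key.
func NewObjectKey() []byte {
	key := make([]byte, 32)
	rand.Read(key) // crypto/rand.Read does not fail on supported platforms
	return key
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptObject encrypts plaintext under objectKey and issues one license per
// reader. Passing the same objectKey for several objects models the
// directory-level key described above; licenses are still issued per object.
func EncryptObject(path string, plaintext, objectKey []byte, readers []*Party) (*EncryptedObject, error) {
	gcm, err := gcmFor(objectKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	// The path is bound as GCM additional data and as the OAEP label, so
	// neither the ciphertext nor a license can be moved to another path.
	obj := &EncryptedObject{Path: path, Nonce: nonce, Licenses: map[string][]byte{},
		Ciphertext: gcm.Seal(nil, nonce, plaintext, []byte(path))}
	for _, r := range readers {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &r.Priv.PublicKey, objectKey, []byte(path))
		if err != nil {
			return nil, err
		}
		obj.Licenses[r.Name] = w
	}
	return obj, nil
}

// DecryptObject unwraps the object key from the caller's own license and
// decrypts. No license means no access; a modified ciphertext fails the
// GCM authentication check instead of yielding garbage.
func DecryptObject(obj *EncryptedObject, p *Party) ([]byte, error) {
	wrapped, ok := obj.Licenses[p.Name]
	if !ok {
		return nil, fmt.Errorf("no license for %s", p.Name)
	}
	key, err := rsa.DecryptOAEP(sha256.New(), nil, p.Priv, wrapped, []byte(obj.Path))
	if err != nil {
		return nil, err
	}
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, obj.Nonce, obj.Ciphertext, []byte(obj.Path))
}

func main() {
	owner, _ := NewParty("owner")
	// Constructed sample record; errors ignored for brevity.
	obj, _ := EncryptObject("/health/record.xml", []byte("<record>O+</record>"), NewObjectKey(), []*Party{owner})
	pt, err := DecryptObject(obj, owner)
	fmt.Printf("owner reads %q, err=%v\n", pt, err)
}
```

A party that was not issued a license for an object finds no wrapped key and gets nothing, even if it holds licenses for neighbouring objects encrypted under the same directory key; and because the private key is the only thing that opens a license, losing it is equivalent to losing every object it was ever licensed for.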


How does idDOON ensure the integrity of the data stored?

Data integrity has two aspects: resilience against damage and loss, and resilience against malicious or fraudulent alteration.

Data is stored on servers hosted by licensed Service Providers, which are carefully vetted by idDOON. idDOON's Service Providers are mainly large, highly skilled companies, often with an Internet Service Provider (ISP) background and extensive experience in secure data hosting. Such companies are among the safest places to hold data, because data security is at the core of their business. They have made very large investments in building security, fire safety, power and network redundancy, back-up procedures and the like, far exceeding the precautions of companies for which data hosting is only incidental to their core business.

Every object in the data space can be digitally signed with a private key. A reader who verifies the signature against the signer's public key can tell whether the object has been altered, accidentally or deliberately, since it was signed, and by whom it was signed. Encryption alone does not give this guarantee: a ciphertext can be modified without knowledge of the key, so protection against alteration rests on the signature rather than on the encryption.
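How a per-object signature makes alteration detectable, as an added example in Go that is not idDOON's own format: the owner signs the object's path, a version number and the stored body (here, the already encrypted bytes) with an Ed25519 key, and a reader verifies the signature on download and also checks that the version has not gone backwards, since a valid signature alone does not stop the server from serving an older but genuinely signed copy. Ed25519, the version counter, the length-prefixed frame layout and the names SignedObject, Sign and Verify are assumptions made here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// SignedObject is an object as stored on the server: an opaque body (here the
// encrypted bytes), a version counter and the owner's signature over both.
// Hypothetical layout, not idDOON's own format.
type SignedObject struct {
	Path      string
	Version   uint32
	Body      []byte
	Signature []byte
}

// frame serialises path, version and body with length prefixes so that the
// signed message is unambiguous and bound to this path and this version.
func frame(path string, version uint32, body []byte) []byte {
	var n [4]byte
	msg := make([]byte, 0, 8+len(path)+len(body))
	binary.BigEndian.PutUint32(n[:], uint32(len(path)))
	msg = append(msg, n[:]...)
	msg = append(msg, path...)
	binary.BigEndian.PutUint32(n[:], version)
	msg = append(msg, n[:]...)
	return append(msg, body...)
}

// Sign produces the object the owner uploads.
func Sign(priv ed25519.PrivateKey, path string, version uint32, body []byte) SignedObject {
	return SignedObject{Path: path, Version: version, Body: body,
		Signature: ed25519.Sign(priv, frame(path, version, body))}
}

// Verify is what a reader runs on download. It checks the signature with the
// owner's public key and that the version has not gone backwards: a valid
// signature alone does not stop the server from serving an older copy.
func Verify(pub ed25519.PublicKey, o SignedObject, lastSeenVersion uint32) error {
	if !ed25519.Verify(pub, frame(o.Path, o.Version, o.Body), o.Signature) {
		return fmt.Errorf("%s: signature invalid, object altered or not signed by owner", o.Path)
	}
	if o.Version < lastSeenVersion {
		return fmt.Errorf("%s: version %d older than last seen %d, possible rollback", o.Path, o.Version, lastSeenVersion)
	}
	return nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed sample: version 2 of an object, then a copy corrupted in storage.
	good := Sign(priv, "/health/record.xml", 2, []byte("ciphertext of version 2"))
	fmt.Println("intact:", Verify(pub, good, 1))
	bad := good
	bad.Body = append([]byte("X"), good.Body[1:]...)
	fmt.Println("altered:", Verify(pub, bad, 1))
}
```

The reader must remember the last version it accepted for each path (in the example that is the lastSeenVersion argument); without that state the signature still proves who wrote the object and that it is unaltered, but not that it is the current one.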

idDOON - 27 rue de Chambéry - 75015 Paris - France - Phone: + 33 1 76 90 49 78