Download the printable version of Nasuni Technology White Paper.
Security in Cloud Storage
With a standard data center, administrators know where user files are going. When a user writes a file, that data moves from that individual’s machine through a series of cables to the attached hard drive. There are no unexpected twists or turns in the data path.
When the cloud is involved, that visibility is gone. Data travels over the Internet, and there is no way of knowing all the hops it will take on the way from a customer’s data center to the cloud. So it should be protected en route.
Once it is in the cloud, this data should be guarded so that no one can read or delete it. UniFS™ keeps customer files safe on the wire and in the cloud.
End-to-End Encryption
UniFS™ uses OpenPGP with the AES-256 standard—which has been approved by the National Security Agency for Top Secret material—to compress and encrypt each piece of data.
Random Session Keys
The use of random keys rules out certain potential attacks. If all the data were encrypted with the same key, it might be possible for a malicious agent to sniff out a pattern, reverse-engineer that key, and read a given customer’s files. We determined that simple password protection was not sufficient, either, as it might be possible for a malicious agent to reverse-engineer the password.
Encrypted Metadata
File contents have to be encrypted, but metadata should be indecipherable, too. Given a government-grade machine, an enterprising hacker might be able to find a high-value file if its metadata were readable. By encrypting both data and metadata, however, UniFS™ ensures that if someone were able to peek into a cloud, none of a given customer’s data would be decipherable. An outsider would only see encrypted data. Without those random session keys, it would be impossible to decipher the data.
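One way to check that claim from the storage side, as an added example that is not Nasuni's code: the Python below walks the top-level OpenPGP packets (RFC 4880) of a stored object and fails it if anything other than session-key and encrypted-data packets is visible, since a bare literal packet would expose the file name. It assumes objects are stored as binary OpenPGP messages, which this page does not state; `audit_object`, `packets` and the sample bytes are constructed for illustration.

```python
ESK_TAGS, ENC_TAGS, AES256 = {1, 3}, {9, 18}, 9  # RFC 4880: session-key tags, encrypted-data tags, AES-256 ID
# Constructed samples, not real ciphertext: SKESK + encrypted packet; bare literal packet.
ENCRYPTED = bytes([0xC3, 4, 4, 9, 0, 2, 0xD2, 5, 1, 0, 0, 0, 0])
PLAINTEXT = bytes([0xCB, 15, 0x62, 7]) + b"pay.xls" + bytes(4) + b"hi"

def _new_len(buf, i):
    o = buf[i]  # returns (length, next index, more chunks follow?)
    if o < 192:
        return o, i + 1, False
    if o < 224:
        return ((o - 192) << 8) + buf[i + 1] + 192, i + 2, False
    if o == 255:
        return int.from_bytes(buf[i + 1:i + 5], "big"), i + 5, False
    return 1 << (o & 0x1F), i + 1, True  # partial body chunk, more follow

def packets(buf):
    """Yield (tag, body) for each top-level packet of a binary OpenPGP stream."""
    i = 0
    while i < len(buf):
        hdr, body = buf[i], b""
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header
            tag, i, partial = hdr & 0x3F, i + 1, True
            while partial:
                n, i, partial = _new_len(buf, i)
                body, i = body + buf[i:i + n], i + n
        else:  # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            size = 0 if ltype == 3 else 1 << ltype  # type 3 runs to end of input
            n = int.from_bytes(buf[i + 1:i + 1 + size], "big") if size else len(buf) - i - 1
            i += 1 + size
            body, i = buf[i:i + n], i + n
        if i > len(buf):
            raise ValueError("truncated packet")
        yield tag, body

def audit_object(blob):
    """Return (ok, reason); ok only for ESK packets followed by encrypted data."""
    try:
        pkts = list(packets(blob))
    except (ValueError, IndexError) as exc:
        return False, f"unparseable: {exc}"
    bad = [t for t, _ in pkts if t not in ESK_TAGS | ENC_TAGS]
    if bad or not pkts or pkts[-1][0] not in ENC_TAGS:
        return False, f"not a fully encrypted message (offending tags: {bad})"
    if any(t == 3 and b[1:2] != bytes([AES256]) for t, b in pkts):
        return False, "SKESK packet names a cipher other than AES-256"
    return True, "only session-key and encrypted-data packets visible"
```

Run over a sample of objects pulled from the bucket, a single failing result is enough to show that plaintext or a weaker cipher reached the cloud.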
Secure Channels
Data is also doubly encrypted. It is encrypted before it reaches the wire, as explained above, then sent to the chosen cloud over a secure channel. Many cloud providers already support HTTPS encryption, but we chose to lock up customer data before it even hits the wire. Otherwise, if a customer’s files were not encrypted on-site, the cloud provider’s employees might be able to see that customer’s data when it arrives over the secure channel, before it is encrypted. With UniFS™, data is always encrypted before it leaves the customer’s data center, so no external parties can decipher it.
Direct Data Path
Once the virtual appliance starts running, Nasuni servers do not stand in the data path. This matters for reliability, as it guarantees that if our network goes down, our customers will not feel any impact.
From a security standpoint, this also means that we have no access to customer data. All of the encryption and decryption happens at the customer’s site.
Individual Security Credentials
Pooling all of our customers’ data into the same, Nasuni-managed cloud volumes would make our lives easier, since we would not have to generate new credentials for every customer. But it could also open a potential security hole. A malicious third party could pick apart his own copy of our Filer, discover those shared credentials, and then use that information to hack the cloud. This malicious agent would not be able to read the files of other Nasuni customers, due to the encryption, but he might be able to delete them. Individual security credentials rule out this sort of attack.