Commercial & Industrial Area
AKRON C4SEC products are designed to allows a user to securely connect a PC Client to a network. The connection is established across a VPN over a public network (internet) with absolute confidence. As a result, the user is able to reach all the services available within the protected network (voice, video conferencing, File Sharing, Mail, etc.) in a safer and controlled approach.
The solution is able to integrate itself with any existing cyber security infrastructure ensuring compliance with security features and policies.
KEY POINTS
The Shield Family Products are an innovation in the current cyber security market.
Main points are:
Protection of communications through robust cryptographic algorithms
Overcoming key distribution vulnerabilities with key agreement mechanisms
Capability to interface common services (VoIP , VTC, File Sharing, Mail, etc.) available in any network infrastructure
Isolation and defense capability of the Client System
Low power consumption (USB port supply)
Extreme portability to allow a simple remote use
In addition to increase network security, it is also possible to decrease network infrastructure costs bypassing high-priced systems, often inefficient, for cybernetic protection of the whole system.
OPERATIONAL CAPABILITIES
It is possible to identify the following operational capabilities:
User identification via token hardware
Crypto-Hardware Authentication
Automatic renewal of cryptographic keys used by Shield Family Products at each session
Traffic data encryption on the Crypto-Hardware with secure encryption keys, always different to prevent the comprehension of possible data to be filtered during their transfer
The system features provided guarantee the canonical security aspects:
Identification
Authentication
Access Control
During the data transfer phase it's guaranteed:
Confidentiality of information
Integrity of information
No Rejection
THREATS RESPONSE
The Shield Family Products system as a whole will respond to the threats listed there:
Masquerade
Inability for a hacker to imitate a false identity. In the system, each user will always be identified with a strong authentication and the entire communication session will depend on the outcome of the identification, authentication and key agreement phases.
Spoofing at Application Level and IP, TCP and UDP level
It will be impossible alteration of identity at the application level, or IP, TCP and UDP. This is because any alteration of a packet or datagram on the network will make communication unintelligible, as undecipherable, then altered packets will be automatically rejected by the system. In addition, being encrypted packets on startup, it would be impossible for a hacker to locate the exact points where to modify the information.
Replay
In a replay attack, the hacker catch data on the network retransmitting then the same at a later time and get the desired responses with the encryption system in question, any data on the network will be treated with a very high random encryption. Thus, an always equal number sent n times will appear n times different on the same network connection, so a possible replay attack will be useless because the data sent will be indecipherable to the recipient.
Man In the Middle
It will be impossible to make a Man In the Middle attack by using the key agreement mode implemented in the cryptographic system.
Data Sniffing
All network data will move encrypted with a strong encryption algorithm and cryptographically secure keys with a high degree of noise. Even if network information will be captured, they would not be decipherable in any way.
Physical Theft
It is impossible for a hacker to compromise the privacy and integrity of the PC Clients in the case of casual possession of the same.