Ericsson, the world’s largest maker of wireless-network equipment, is teaming with the Estonian security-technology provider, Guardtime, to improve data safety and transparency.
Guardtime’s key technology is called Keyless Signature Infrastructure or KSI. The technology is aimed at organisations that deal with large-scale digital data and the challenges of securing the integrity of that data. Simply put, if you want to be sure (either for business or regulatory reasons) that the data is not tampered with, you need a method to “stamp” it.
Guardtime will help integrate the keyless signature infrastructure technology into Ericsson’s cloud portfolio “to provide immutable evidence that will hold in court, and all associated capabilities are native and available at point of installation”, the companies said in a statement. “The new offerings will be forensically provable and all data [will] have attribution with historical provenance,” the companies said, adding that the evidence will be portable and independently verifiable.
“This means data owners can use big data with independently verifiable confidence, both for the data used and the third party services that can be offered off such an infrastructure,” according to the companies. “Third party customers of such infrastructure can trust their most precious asset, data, to the outsourced telecommunication and mobile carrier, with guarantees of ability to trust, verify, analyse and subsequently control previously diffuse outsourced enterprise operations.”
Typically, Guardtime partners with distributors in different jurisdictions. These can be telecommunications companies or cloud infrastructure providers. However, Guardtime also has solutions for private individuals who need proof of authenticity for PDF content or want to sign their WordPress blog posts to establish ownership and time.
Estonia was the birthplace of keyless signature infrastructure, after suffering a crippling, prolonged national-scale cyber attack in 2007. The country recognised that a new approach was needed, one that could provide verification that security measures are working. Under the auspices of the Estonian Government and the small country’s private sector, a team of Estonian cryptographers, network architects, software developers and security specialists designed a exabyte-scale authentication and real-time alerting system for networked digital assets.