
Gazzang has built an interesting business around Transparent Data Encryption, building on top of eCryptfs, adding some mandatory access controls and policy management in a product we call zNcrypt.
With the addition of zTrustee to the Gazzang product portfolio, we have entered an even more interesting, ambitious, new space in modern Cloud computing -- Opaque Object Storage.
eCryptfs and zNcrypt provide "transparent" data encryption, in that once the encrypted filesystem is mounted, allowed users, applications and processes (those possessing the appropriate keys) seamlessly read and write data as regular files and directories on the mounted filesystem. No user, application, or process needs to know anything about encryption -- they simply read and write files and directories "transparently". Input/output operations are trapped in the Linux filesystem layer, and eCryptfs encrypts and decrypts files as necessary. Assuming you have safeguarded your keys appropriately, an offline attacker with physical or remote access to the disk would not have access to the mounted filesystem and would instead see only the cryptographically protected data.
zTrustee was designed from the ground up to store and serve the keys necessary to make eCryptfs and zNcrypt work properly. But we implemented it in a manner in which we can store and serve keys, certificates, files, directories, and data of any type -- similar to some object storage systems. However, we added our considerable security expertise to our implementation, and use encryption yet again to our customers' advantage. Each object stored in zTrustee is actually encrypted and signed with the public GPG keys of the client storing and/or retrieving the data. This means that even an administrative user with full root access on the zTrustee server will have no introspection into the contents of the data blobs stored as deposits on the zTrustee server. For this reason, we're calling these deposits "Opaque Objects", and noting that our zTrustee server provides "Opaque Object Storage".
Moreover, the fine-grained security policies that govern the release of these deposits further differentiate zTrustee from various other object storage products. Beyond the individual encryption of each zTrustee deposit (object), the policy by which an object is released can:
I'm out at the GigaOM Structure conference in sunny San Francisco this week, where Gazzang has launched its newest product -- Gazzang zTrustee! My colleagues and I have dedicated the last 6 months to the design, architecture, development and testing of this new product, and I'm thrilled to finally be able to speak freely about it.
Gazzang's original product, zNcrypt is a transparent data encryption solution -- a GPLv2 encrypted filesystem built on top of eCryptfs, adding mandatory access controls and a dynamic policy structure. zNcrypt enables enterprise users to secure data in the cloud, meet compliance regulations, and sleep well at night, ensuring that all information is encrypted before written to the underlying storage.
As of today, Gazzang's newest product, zTrustee is an opaque object storage system, ultimately providing a flexible, secure key management solution for data encryption. Any encryption system, at some point, requires access to keys, and those keys should never be stored on the same system as the encrypted data. While zTrustee was initially designed to store keys, it can actually be used to put and get opaque data objects of any type or size.
Planet Ubuntu readers might recognize a few small-scale ancestors of zTrustee in other projects that I've authored and talked about here in the past... The encrypted pbputs and pbget commands now found in the pastebinit package are similar, in principle, to zTrustee's secure put and get commands. But rather than backing uploads with a pastebin server, we have implemented a powerful, robust, enterprise-ready web service with extensive, flexible policies, redundancy, and fault-tolerance. The zEscrow utility and service are also similar in some other ways to zTrustee, except that zEscrow is intended to share keys with a backup service, while zTrustee blindly and securely stores opaque objects, releasing only to authenticated, allowed clients per policy.
Planet Ubuntu readers may be pleased to hear that our zTrustee servers are currently running Ubuntu 12.04 LTS server, replicated across multiple cloud providers. The RESTful web service is built on top of a suite of high quality open source projects, including: apache2, python wsgi, postgresql, sqlalchemy, postfix, sks, squid, gnupg, and openssl (among others).
The zTrustee client is a lightweight python utility, leveraging libcurl, openssl, and gnupg to send and receive encrypted, signed JSON blobs, to and from one or more zTrustee servers. The client utilizes the zTrustee Python library, which does the hard work, encrypting, decrypting, and processing the messages to and from the zTrustee server. You'll soon be able to interface with zTrustee using either the command line interface, or the Python library directly in your Python scripts.
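As an added illustration of the opaque-object model described above (each deposit encrypted to the client's own key and signed before it reaches the server, and the client putting a signed, encrypted JSON blob), the block below is example code, not Gazzang's; it substitutes Go's standard-library RSA-OAEP and RSA-PSS for GPG, and the names Deposit, Store, NewClientKey and ClientPut are its own. The server side is reduced to a map with a signature check and an owner-only release policy, which is enough to show that an administrator of the store never holds anything it can open.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
)

// Deposit is all the server holds: ciphertext it cannot open, a signature over it, the depositor's public key.
type Deposit struct {
	Ciphertext, Signature []byte
	Owner                 *rsa.PublicKey
}
// Store is the server side: deposits by name, no private keys anywhere.
type Store map[string]Deposit
// Put checks what a server can check, origin and integrity, never content.
func (s Store) Put(name string, d Deposit) error {
	h := sha256.Sum256(d.Ciphertext)
	if rsa.VerifyPSS(d.Owner, crypto.SHA256, h[:], d.Signature, nil) != nil {
		return errors.New("rejected: signature does not verify")
	}
	s[name] = d
	return nil
}
// Get applies the simplest release policy (owner-only); even then it returns ciphertext.
func (s Store) Get(name string, requester *rsa.PublicKey) ([]byte, error) {
	if d, ok := s[name]; ok && requester.Equal(d.Owner) {
		return d.Ciphertext, nil
	}
	return nil, errors.New("policy: not released to this client")
}
// NewClientKey makes a throwaway 2048-bit client key pair for the example.
func NewClientKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048) // fails only if rand.Reader does
	return k
}
// ClientPut encrypts JSON to the client's own key and signs it: toy RSA-OAEP/PSS in place of GPG.
func ClientPut(s Store, name string, priv *rsa.PrivateKey, obj map[string]string) error {
	plain, _ := json.Marshal(obj) // a map[string]string always marshals
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &priv.PublicKey, plain, nil)
	if err != nil {
		return err // too big for one OAEP block; real clients wrap a symmetric key
	}
	h := sha256.Sum256(ct)
	sig, _ := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
	return s.Put(name, Deposit{Ciphertext: ct, Signature: sig, Owner: &priv.PublicKey})
}
```

Retrieval mirrors the put: the client calls Get with its public key and opens the returned blob with rsa.DecryptOAEP under its private key, a step no code path on the server can perform.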
We've turned our current focus onto Android, while developing a Java interface to zTrustee, so that Java programs and Android applications will soon be able to interface with zTrustee, putting and getting certificates and key material and thereby enabling mobile encryption solutions. Looking a little further out down our road map, we'll also use these Java extensions to support zTrustee clients on iOS, Mac, and Windows.
While I'm a big fan and proponent of eCryptfs and zNcrypt, I plainly recognize that there are lots of other ways to encrypt data -- dmcrypt, TrueCrypt, FileVault, BitLocker, HekaFS, among many others. From one perspective, encrypting and decrypting data is now the easy part. Where to store keys, especially in public/private/hybrid cloud environments, is the really hard part. Many people and organizations have punted on that problem. Well, as it happens, I like hard problems, and Gazzang likes market opportunities, and for that we're both proud to promote zTrustee as a new solution in this space.
This post is intended as a very basic or brief introduction to the concept, and I'll follow this with a series of examples and tutorials as to how you might use the zTrustee client, library, and mobile interfaces.
Cheers,
:-Dustin
MySQL Cluster usage has certainly continued to spread, and recently to accelerate, well beyond its initial telco vertical roots into Healthcare, Financial Services, SaaS and more. With those additions it certainly becomes desirable for many to provide transparent encryption on the NDB nodes where the data, logs and checkpoints are written to disk. I'll not go into all those reasons in this blog, but certainly there are plenty; visit our whitepapers section for more information, especially if you are running within hosted, managed, or cloud platforms.
The solution for ndb in a nutshell was straightforward:
Note: if you set up a single-node test environment, or for some reason want to run it there, you will also need to add a rule for ndb_mgmd, so also add:
ezncrypt-access-control -a "ALLOW @ndbdata * /home/mysql/mysql-cluster-gpl-7.1.18-linux-i686-glibc23/bin/ndb_mgmd"
Certainly there are many more things you can do to protect MySQL Cluster data on Linux, and I will follow up with those details, including usage in specific environments, but this is a good start and shows how easy this is to accomplish; Gazzang adds key management, process, access, monitoring, and many other benefits aside from the encryption itself. For more ideas around that see our EMA paper or schedule an overview with us.
With the release of our 2.2.2 product coming in February of 2012 you will see that we have added ndb to our supported engines list for MySQL. Gazzang's platform is simple and easy to install, as you can see here. If you are interested, just try it out.
I have wanted to run our new ezNcrypt 2.1 release on Drizzle for some time, and I finally was able to get started and encrypt all of the data for Drizzle in a matter of minutes. Given that Drizzle is a MySQL fork, my assumption had been that this would be quite easy and straightforward. That is indeed the case so far.
So here are the steps I took:
So this took me all of 30 minutes. It is a very minimal setup. I could easily also have:
Please try out Drizzle with ezNcrypt, share your ideas, ask questions, etc. We are here to help.
Our new “next generation” release was just announced publicly and is available for download. What a journey it has been to get this to market. This is the most significant announcement for the company since our Series A venture funding. This release moves us from a “point encryption product” (for MySQL databases) to a full cloud security platform for all data, content, source, binaries and objects. This platform will be expanded further, much is already in the works.
In retrospect, we got to this point quickly, especially being a young, growing company. I want to share some of the behind the scenes activities, but first, a description.
Gazzang ezNcrypt 2.1 has now been expanded to provide transparent data encryption (TDE) for the entire LAMP stack, including any data, logs or files created or managed by any Linux application or service, such as Apache, Alfresco, Drupal, Joomla and Wordpress to name a few. This latest release also includes soon-to-be-released packaged support for PostgreSQL, Cassandra, MongoDB and Drizzle databases (as well as enhancements for MySQL). It is available in two versions: ezNcrypt for Databases™ and ezNcrypt FLEX™. More details are on our website.
We have had a vision of the 2.0 release since the company was funded last November, but we had a lot to do before it could be ready for prime time. During the development of the product and after talking to a ton of customers, it became clear we needed a special edition that would enable encryption way beyond databases and beyond what we could pre-package. An edition that would let customers define their own rules, ACLs and connections to up-stack apps and services was needed. FLEX was born. Turns out, the early customers and prospects are actually most excited about FLEX. With FLEX our total addressable market has just expanded exponentially.
A select group of early customers have been playing with the new release and the feedback has been great. All of it supportive, some of it constructive. These first customers actually found a few things we needed to do better, and a few got stuck during the installation process because of a goof or two that we had made. Their feedback was invaluable. We actually finished 2.0 back in early August, but we decided to roll it out only to a controlled list – both quality and customer feedback are important to us; we wanted to make sure we got this one right. Turns out, it needed some tweaks. So, 2.1 was quickly defined, coding continued, testing was increased and more customer feedback was sought. As with any software release, there was a surprise here and there, but we learned and made adjustments. It was only after all of that that we announced to the world that our next generation had arrived. So, to the Linux world, I can only say: “Go forth and download. Your easy-to-implement, easy-to-use, cost-effective data security platform has arrived.”