SOURCE: Zettaset, Inc

Zettaset, Inc

September 29, 2015 07:00 ET

Zettaset Rolls Out New Big Data Security Solution Deploying Industry's Most Advanced Encryption Technology

BDEncrypt Plus™ Uniquely Provides Ultra-Secure Authenticated Encryption Using Associated Data (AEAD) to Protect Big Data Stores Like Hadoop From Unauthorized Ciphertext Modification

MOUNTAIN VIEW, CA--(Marketwired - Sep 29, 2015) - Zettaset, the leader in Big Data security, announces the general availability of BDEncrypt Plus, an advanced authenticated encryption solution that does more than any other existing encryption product to protect Hadoop data lakes and prevent unauthorized access to highly-sensitive, business-critical cyphertext and access control lists.

The increased frequency and sophistication of high-profile data breaches and malicious hacking is putting organizations at continued risk of data theft and business disruption. The massive attack surface of Hadoop clusters makes them even more vulnerable.

The authenticated encryption using associated data (AEAD) mode used by BDEncrypt Plus is able to thwart malicious attacks and covert modification of data by verifying that ciphertext (encrypted data) was created only by someone authorized to access and possess the encrypted data. No other encryption solution is able to perform this critical function, making it highly valuable in regulated verticals like healthcare, financial services, retail payments, and government where data integrity must be strictly controlled.

BDEncrypt Plus protects encrypted data stores against stealthy and highly-damaging chosen-ciphertext attacks (CCAs). Some otherwise secure encryption schemes, including non-authenticated encryption modes, can allow attackers to discover the encryption keys using a CCA. Non-authenticated encryption only prevents an attacker from reading the plaintext. It does not prevent an attacker from modifying the ciphertext.

Authenticated encryption is expected to become mandatory in high-risk environments due to its more stringent security properties. However, it must not compromise performance and scalability. To ensure optimal performance levels, Zettaset BDEncrypt Plus uses the Galois/Counter mode (GCM) for authenticated encryption which can efficiently achieve speeds of up to 10+ gigabits per second, and can be pipelined and parallelized.


"The popularity of super-charged apps like Spark, Storm, and the increased adoption of real-time analytics is driving the need for more exacting data security and protection against malicious attacks. At the same time, users want to avoid a performance penalty when applying comprehensive security within those demanding environments," said Jim Vogt, Zettaset CEO. "Zettaset BDEncrypt Plus represents a major advancement in encryption technology by providing the most advanced, sophisticated encryption solution available in the market while delivering the optimal scale and performance that users need and expect."

Zettaset BDEncrypt Plus - Key Value Points:

  • Verifiable Data Integrity, Authentication, and Protection: BDEncrypt Plus provides authenticated encryption using associated data (AEAD). AEAD has multiple advantages over non-authenticated approaches: (1) Performs encryption and authentication concurrently, improving efficiencies in large databases; (2) Guarantees that data is verifiably encrypted and protected against unauthorized ciphertext modification; and (3) Protects against malicious chosen-ciphertext attacks (CCAs).

  • Cryptographic Protection for Access Control Lists (ACLs): BDEncrypt Plus cryptographically secures ACLs, which contain permissions that restrict data access to approved entities. This prevents attackers from modifying ACLs and using those changes to gain unauthorized access to data.

  • High Performance Encryption Mode: BDEncrypt Plus uses the advanced Galois/counter encryption mode (GCM). GCM has been adopted for its known efficiency and high data throughput performance in large database environments like Hadoop.

  • Extensible Security Architecture: Enables BDEncrypt Plus to be applied beyond Hadoop to other database environments, including NoSQL and relational, with minimal development effort.

  • Big Data-Aware: Optimized for scalability and performance in multi-node distributed-computing architectures like Hadoop.

For more detailed information, download the BDEncrypt Plus solution brief.

About Zettaset
Zettaset, the leader in Big Data security, is an ISV that provides proven enterprise-class data security for Big Data environments like Hadoop. Unlike traditional security approaches, Zettaset data encryption, access-control, and authentication solutions are designed and performance-optimized for today's complex and demanding distributed-computing architectures. Enterprise customers can rely on Zettaset to provide advanced Big Data security solutions that deliver high performance and scalability, and are based on industry standards that ease integration into existing enterprise IT security and policy frameworks.

Zettaset certified security partners include IBM Power Systems, HP Atalla, Thales-e-Security, and Utimaco.