NXdrive is a novel secure data storage system that is powered by our developed fragment-based data storage paradigm, rather than the traditional file-based storage system.
In the fragment-based storage, a file is internally processed such that the file becomes a number of fragments (i.e., pieces) and each fragment is secretly stored into the cloud devices. More important, the fragment of a file is indistinguishable from the fragments of other files and only the user who has the credentials can reveal the associations and recover them. In this way, NXdrive achieves fine-grain security having unique security capability that is the more the fragment of a file, the stronger security the file could achieve.
Fragment-based data storage has multiple layers of separate encryptions. The first layer is on the file level and the other is on the fragment level. The number of encryption is at least more than twice. There are secret associations between the security keys in these two layers. In addition, the security keys are hidden in the data storage system and they cannot be derived from one place.
NXdrive achieves a unique security robustness property. In the traditional file storage system, the data security mostly relies on the length of the security keys. The longer security key provides stronger encryptions. The security robustness is NOT related to the number of data in the data storage systems. Differently, data security complexity in the NXdrive exponentially increases with the total number of fragments in the system. Such a feature allows us to build extreme security system against various cyber or other security attacks.
NXdrive provides seven data security features for data protection.
Suppose decrypting a 256-bit encrypted file is 1 hour by a supercomputer. Our technology can make the time to millions of years, supposing the same supercomputer is used for decryption. NXdrive effectively defends the data brute-force attack by adding data spatial properties on the data storage. Spatial protection is integrated with encryption as an additional fence against unauthorized users to access the data assets.
Data breach is a very challenging problem regarding the data storage. For example, an attacker invades the data storage server or a computer system and steals the information of interest. The disclosure of sensitive information results in financial or other damages. NXDrive is a system that adds permutations on the data fragments such that the each fragment looks the same on the data storage. In other words, the data content is not recognized for an unauthorized data access. Therefore, no valuable information is disclosed to hackers even if they steal a number of data fragments.
NXdrive provides worry-free on data privacy which is unique to other data storage systems. In a file-based storage system, the data on the storage disclose the data ownership, time, data types, and other personal information. Currently, there are a number of tools that can scan your data to infer data privacy information for many purposes. NXdrive innovatively stops privacy scanning over your data in the storage server. It effectively decouples the data ownership and other data private information from the data content such that the user privacy is protected.
NXdrive prevents data loss that could be caused by cyber-attacks, software malfunctions, or hardware damages. At first, the loss of any data pieces discloses no information of data content. On the other hand, NXDrive has superior ability to maintain data assurance and integrity. Further, NXDrive has effective self-generation capability and it can immediately regenerate new data pieces that can replace the user data. The capability of regeneration is superior to the RAID 6 standard level that achieves higher data reliability.
NXdrive enforces novel technologies for data integrity and assurance in the device level to protect data loss caused by device damage or loss. In the file-based storage system, the loss of a device could result in corresponding data loss and data leakage stored in its hardware. Differently, NXDriver stores the data without relying on a specific device, having data loss protection capabilities. The loss of one or more devices renders no risk in the data loss and information leakage.
NXdrive minimizes the risks caused data insiders. In the file-based storage system, the system manager can access the storage devices and is able to review, copy, or other ways to manipulate the data. Differently to the traditional way, the system maintenance in fragment-based data storage is oriented to devices in a way that individual maintenance engineers are unable to know the data content even if they access to the data storage devices. In this way, the risk imposed by data insiders can be effectively reduced.
NXdrive protects the stored data in the system from internal or external sabotage. Other security strategies include access controls, flow policies, system controls, data dependency validation, query protection, cache protection, session protection, and cryptographic key protection. All these strategies are integrated with fragment-based data storage to enable data access ubiquitously while the whole data security requirements are satisfied.