Post on 22-Jun-2015
description
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
© 2011. Copyright GuardTime. All Rights Reserved.
Raul.Vahisalu@GuardTime.comGeneral Manager Estonia
21.03.2012
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
GuardTimeProof of time, origin and integrity for the world’s electronic data
Founded in Estonia in 2006IP of Estonian scientists Ahto Buldas and Märt SaareperaAccredited timestamping service provider in EU since 2007Financed by ASI, Brother, Singaporean Government and Hong Kong based Horizons VenturesSubsidiary offices in Singapore, Hong Kong, Tokyo, Beijing, San Diego
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
3
Hash FunctionsGuardTime’s technology is based on cryptographic hash functions
When trust is not enough
Hash functions are cryptographically secure one-way operations that take arbitrarily-sized data as input and generate a unique fixed-size bit sequence as output
INPUT DATA HASH FUNCTION
HASH VALUE
AXSJ76SNWCRVRVLFFAONRDNZG4VUSU2HAS7DJWZR2U
ONE-WAY ONLY
REVERSE CALCULATION NOT POSSIBLE
The output is known as the hash value, message digest, or digital fingerprint
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
4When trust is not enough
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
5When trust is not enough
TIME
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
6
Keyless Signatures: How It Works
When trust is not enough
Receive a signature for
each data item signed
Signatures are mathematically
verifiable for the life of the
data
Sign the event logs, backups, archives, other
data and applications
Enable any system or
environment to use Keyless Signatures
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
7When trust is not enough
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
8
Prove This Didn’t HappenDoes your proof require that someone trust you?
When trust is not enough
Accidental(admin)
• ‘Cleaning up’ the application and system logs• ‘Fixing’ the backups and archives• Checking in untested applications
Intentional(admin)
• Removing application and system log entries• Changing database records• Adjusting application and system configurations
Malicious(hacker)
• Removing log entries• Changing database records • Inserting new code into the operating environment
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
9
Use Case: Auditable Scan-To-Server
When trust is not enough
Signing capabilities are embedded directly into the multi-functional printerDocuments are signed after scanned and converted to PDFThe signature is embedded within the PDFSigned PDF documents are stored on the serverRecipients of the documents can verify the signature of the documents from within the scanned PDFProvides proof of origin (e.g. which scanner), time and content for the stored documents
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
10
International team
When trust is not enough
Business is done by people! Our group CEO flight mileage last year - 2500000900-1700 Tallinn time +9h/-8h~10 different nationalitiesNegotiation and communication styleWork ethic, command of languagesPolitics, religion, women, alcohol
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
11
Research & development
When trust is not enough
R&D is in Tallinn, EstoniaTop of the technology pyramidSerendipity-led R&DCan innovation be outsourced?What is innovation?Accountability to investorsTest-site Estonia
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
Sales
12When trust is not enough
What do you sell?Business model, Pilot, Service (consumer, infrastructure), Product, Disruptive change, Fear
Naive, Pragmatic, StrategicIPObstacles
Not invented here
Nice to have but not compulsory (through legislation)
Too new, too disruptive for me
Technology push v. Market pull„GuardTime is not a technology problem, its a marketing problem“
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
13
Business modelGuardTime is sold as a monthly subscription service based on volume (Transactions/Second) shared with partners and downstream channelEstonia as a test site for the worldCooperation agreement with the Estonian Government for a service free of chargeIn Estonia - National Archive, RIK, MKM, Levira, SEB, Elion...
When trust is not enough
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
14
Orwell 1984
Big BrotherDoublethinkThoughtcrimeNewspeakMemory hole
When trust is not enough
© 2
011.
Cop
yrig
ht G
uard
Tim
e. A
ll Ri
ghts
Res
erve
d.
© 2011. Copyright GuardTime. All Rights Reserved.
Thank You!Email: raul.vahisalu@guardtime.com
When trust is not enough