Post on 21-Feb-2019
Our integrated approach to secure communication We engineered a comprehensive protection system for the security of your communications, including:
01
A secure software platform for real-time, encrypted communication and collaboration
A full range of encrypted devices to protect your data and communications against unauthorized access
An intrusion detection and prevention module in order to avoid any attack and intrusion affecting both the software and hardware components.
Hushmeeting: our system at a glance A cutting edge solution for Secure Communication and Collaboration providing:
02
An easy-to-use, media-rich, fully encrypted environment to connect and collaborate securely
High security levels and scalable performances combined with the chance of maximum control over the whole system
Full visibility on the source code as well as a comprehensive know-how transfer
Security Overview
03
Client-Server architecture to ensure maximum security
over the network
Strong encryption technology to provide data confidentiality, integrity and protection (including audio/video streams, data transfer, applications sharing)
On premises server installation for full independence and control, allowing to add further security elements (standard or military grade VPN tools, customer chosen encryption algorithms…)
1
2
3
A unique plus: a full know how transfer No other company worldwide provides greater transparency, giving access to its core technology while offering:
04
Full visibility on the source code
In-depth know-how transfer on the whole architecture
Comprehensive technical training to allow a complete and independent management of the system
Client/Server security in-depth
05
Tested for buffer overflow analysis, code injection for TCP communication,
sql injection
The database server (DBMS) is accessible only by the application server itself and by
authorized users
All streamings (audio/video/data) are encapsulated in a UDP tunnel, that can be encrypted with different symmetric algorithms (IDEA EXT, AES, CAMELIA, SERPENT, TWOFISH with 256 bit keys)
Different keys are generated during each session and dynamically changed at given intervals
1 2
3 4
Signaling and authentication security in-depth
06
Users can login with username and password; strong authentication system by X.509 digital certificate (RSA algorithm up to 8192 bit) and smart card or crypto-token USB are also available
Client/Server authentication is based on a single TCP connection (default port 9010), encrypted with AES keys (256 bit)
The encryption keys can be negotiated dynamically; the Diffie-Hellman not elliptic ephemeral mode keys exchange is used to allow the PFS (Perfect Forward Secrecy) in Transport Layer Security.
Post-quantum encryption algorithms are available to protect key exchange mechanism against quantum computer attacks.
Unlimited scalability and seamless communication
07
Developed to grant secure, voice, video and data communication with unlimited scalability.
Our secure hardware solutions
08
Derived from military and governmental requirements, our secure hardware solutions:
Ensure that your device and your personal data cannot be breached, spied on or compromised,
establishing encrypted calls among Hushmeeting devices
No app can be downloaded on the devices
Work on an ironclad Linux customized operating system
Automatic OS operations - including recovery, bug fixing, new releases - are disabled and manually managed, without any other third party intervention
1
2
3
4
The Hushmeeting device Functionalities
09
With an intuitive user interface, our Hushmeeting device makes a secure call as easy as making a normal call.
Audio-only calls
Audio and video calls
Encrypted chat system
Encrypted file sharing system (audio messages, video, photo, GPS position)
The Hushmeeting laptop
11
A more efficient device for all those situations where a smartphone is not enough.
Internal memory visible only to a specific custom app.
End users will be able to use a secure by design word processor and a spreadsheet application.