General Version 9 21 09

Granite Gate Corporation: Corporate Capabilities Presentation. Content Security for Secure Cloud Computing & Application Development and Integration. Copyright ©2009 Granite Gate Corporation, all rights reserved. September 21, 2009

Transcript of General Version 9 21 09

Page 1: General Version 9 21 09

Granite Gate Corporation™

Corporate Capabilities Presentation

Content Security for Secure Cloud Computing & Application Development and Integration

Copyright ©2009 Granite Gate Corporation all rights reserved.

September 21, 2009

Page 2: General Version 9 21 09

Briefing Overview

• Mission and Standards-Based Offering
• Differentiators
• Protecting Content and Processes is the Future of Cybersecurity
• The Integrated Cyber Solution (ICS) & Application*SECURE*
• ICS – TecSec
• ICS – IQware
• Consulting and Training
• Granite Gate Officers and Organization
• Conclusion

Copyright Information: ©2009 Granite Gate Corporation. All rights reserved. Produced in the United States of America. All trademarks, service marks, and trade names referenced in this material are the property of their respective owners.

• TecSec and CKM are registered trademarks of TecSec, Inc.
• IQware is the registered trademark of IQware, Inc.

Page 3: General Version 9 21 09

Granite Gate is a game changer providing a disruptive technology that addresses content security and virus immune rule-based applications.

Mission: Provide innovative cybersecurity capabilities that facilitate secure content sharing and secure applications.

Granite Gate Standards-based Content Security Offerings

• Computer-based Content Security Training
• Cyber Security Services
• Integrated Cyber Secure (ICS) *SECURE* Content Applications

Page 4: General Version 9 21 09

Granite Gate’s content security differentiators:

• Backed by 32 patents including XML Secure, Digital Signature, Constructive Key Management (CKM), and virus immune rule-based applications architecture.
• Standards based: ANSI X9.69, X9.73, X9.84, X9.96, and others.
• Fits within existing infrastructure and is scalable.
• Secures data at rest and data in motion over time.
• Enhances PKI.
• Integrates secure “front-end” technologies with a secure rule-based system “back-end”.
– The front-end components provide role-based access control (RBAC), privilege management, ID authentication, key management, and encryption.
– The back-end components provide a virus-immune, rule-based, cross-platform software system and business intelligence engine.
• Delivers an application platform that is agile, rule based, updated in real time, and hacker proof & virus immune.
• Cross platform – supports Windows, Apple, Unix, and small format devices.

Granite Gate’s INTEGRATION ties the front-end and back-end = “turn-key secure system”

Page 5: General Version 9 21 09

Recent events validate our market - the future of cybersecurity is to supplement network security with protection of the content.

• The President’s Cyberspace Policy Review Report of May 25, 2009 - Cyberspace touches practically everything and everyone. It provides a platform for innovation and prosperity and the means to improve general welfare around the globe. But with the broad reach of a loose and lightly regulated digital infrastructure, great risks threaten nations, private enterprises, and individual rights. The government has a responsibility to address these strategic vulnerabilities.
• Lawrence H. Summers, senior White House economic adviser, is pushing for the National Economic Council to have a key role in cybersecurity …
• It is a key government responsibility to help secure private-sector networks.
• It discusses the need to provide incentives for greater data sharing and risk management.
• There exists a plethora of security-in-a-box products on the market, but few address content security in detail.
• 110th Congress, 2d Session, H. CON. RES., September 24, 2008, 425TH, by Republican Rep. Michael Burgess and Democrat Rep. Chuck Gonzalez of Texas cites a litany of losses, exposures and shortfalls in protecting personal information, and notes that 36 states already have taken the lead in passing their own data security legislation.
• Nevada law NRS 597.970 of Title 52 of the state code. It says that, 'A business in this State shall not transfer any personal information of a customer through an electronic …unless the business uses encryption to ensure the security of electronic transmission.'

Page 6: General Version 9 21 09

Granite Gate provides the Integrated Cyber Secure (ICS) for secure information sharing and secure application development and integration.

A key product is Application*SECURE*

[Diagram: "Last Twenty Five Years" contrasted with "Next Twenty Five Years". Labels: Vulnerable Architecture; Dedicated Applications; Enterprise Application; Networks; Website; Desktop Applications; Constructive Keys; Secure Rule Data; Privilege Mgt.; ID of Merit; Secure Information Sharing; Application*SECURE*; Secure Rule Based Applications; Secure Data at Rest & Data in Motion; Secure Key Management; Positive ID & Privilege Management; Secure Server.]

Page 7: General Version 9 21 09

Granite Gate’s Integrated Cyber Secure (ICS) including Application*SECURE* is based on proven technologies from corporate partner TecSec (www.tecsec.com) and shareholder IQware (www.iqware.us)

[Diagram: Integrated Cyber Secure (ICS) Framework. Labels: Granite Gate Domain; TecSec Domain; IQware Domain; Access Control Device (ID card, biometric, etc.); Workstation (Windows, Mac, Linux); Network, Internet, or Connection; Secure Server (DOD rated B2/C2); Identity of Merit; Role Based Access Control; Privilege Management; Constructive Key Management (CKM® TECSEC); Business Logic; Rule-Based Applications; Open Office *SECURE* & Other Applications; X-Toolkit, X-Intrinsics, X-Lib, X-Protocol; X-Server, X-Protocol, X-Display; Hardware Dependent Graphics; Hardware Dependent Inputs; Encrypted Data.]

Page 8: General Version 9 21 09

Granite Gate’s Integrated Cyber Secure addresses serious vulnerabilities in government and commercial markets.

[Diagram: Integrated Environment, with rows Architecture, Process and Technology. Labels: Access Control Device (card, biometric, etc.); Workstation (Windows, Mac, Linux); Network, Internet, or Connection; Secure Server (DOD rated B2/C2); Identity of Merit; Authoring (key strokes); Assignment of Privileges by Role & by Author; Requested Data Deciphered Based on Approved Role; Constructive Key Management & Encryption; Encrypted Data; Rule-Based Applications; Open Office*SECURE* & Other Applications on Server; Virus Immune Rule-based processing; Encrypted Info on Secure Server.]

Page 9: General Version 9 21 09

TecSec, a Granite Gate partner, provides patented, standards-based technologies that manage credentials and key management.

[Diagram: Integrated Environment, with rows Architecture, Process and Technology. Labels: Access Control Device (card, biometric, etc.); Workstation (Windows, Mac, Linux); Network, Internet, or Connection; Secure Server (DOD rated B2/C2); Identity of Merit; Authoring (key strokes); Assignment of Privileges by Role & by Author; Requested Data Deciphered Based on Approved Role; Constructive Key Management & Encryption; Encrypted Data; Rule-Based Applications; Open Office*SECURE* & Other Applications on Server; Virus Immune Rule-based processing; Encrypted Info on Secure Server.]

Page 10: General Version 9 21 09

TecSec, a Granite Gate partner, provides patented technologies approved by NSA.

Used with permission from TecSec and NSA

Assured Information Sharing Cornerstone

• Labeling of all information and assets
– Includes people, devices, services, and information
– Information labels will define access and protection requirements (Differentiated Quality of Protection)
• Strong Identification and Authentication of all GIG entities
• Shift toward object level access control
• Shift toward policy based Risk Adaptive Access Control (RAdAC) model
– Mission need, information policy, and trust level of people, IT and environmental risk factors affect access decision

Provide ability to dynamically share information at multiple classification levels among U.S., allied, and coalition forces. Information access is based on mission need, information sensitivity (value), service being requested, entity’s identity and privileges, and level of protection provided by an entity’s environment.

Page 11: General Version 9 21 09

TecSec, a Granite Gate partner, provides patented technologies approved by NSA.

Used with permission from TecSec and NSA

Components Needed For IA Objectives

• Self Protecting Data Objects
• Data Label Awareness
• Data Label Aware Services
• Identity Management augmented by Key Management that is:
– Role based
– Fine grained (objects)
– Dynamic, not static, keys

COMSEC is traditional point to point, from here to there. The network today speaks in terms of “point of presence” – hard to define “there”.

INFOSEC needs to be protecting the information itself, not the channel. Information is stored by content, with signatures to provide validation of content.

Page 12: General Version 9 21 09

TecSec, a Granite Gate partner, provides patented technologies.

Used with permission from TecSec

What is ANSI X9.69? A Process - Called CKM

• CKM, short for Constructive Key Management®, technology provides Role Based Access Control that is enforced via cryptography.
• Published as ANSI Standards
– X9.69 Framework For Key Management Extensions
– X9.73 Cryptographic Message Syntax
– X9.96 Secure XML
– ISO 22895 (Draft)
• Properties of CKM Approach:
– Key material not specific to individuals
– Addresses the one-to-many distribution problem of key management
– Access privileges bound to data via cryptography
– Built-in key recovery performed by system owner
– Modeling Role-Based Access Control (RBAC)
– Content-based security
– Complementing PKI

©2009 TecSec, Inc. All Rights Reserved

Page 13: General Version 9 21 09

TecSec, a Granite Gate partner, provides patented technologies.

Used with permission from TecSec

CKM is a flexible solution that meets all stated requirements

[Diagram: ActiveAttributes chart. Labels:
• Information Created
• Working key is generated
• Audience Selected
– By Content Rule/Description
– From Organization’s Taxonomy/Permission Board, e.g. Harris/Engineering/Chain/Software Development
• Digital Signature Applied
• CKM Creates Unique (per object) Confidentiality Wrapper. Protects any digital data, text, graphics, audio, video in any transmission format
• CKM Seals the Object
• Encrypted Objects
• Data Protected not the network
• Any server/servers]

Employees with the correct credentials/permissions can read the information and reply in a similar fashion as the original author. Credential/permission revocations are controlled by the employees’ organization, such as Harris/US Navy/NAVAIR etc. Data remains in an encrypted state indefinitely and is always available with the proper permissions.

©2009 TecSec, Inc. All Rights Reserved
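A simplified sketch of the idea on the two CKM slides above (a working key generated per object, access privileges bound to the data via cryptography, key material issued per role rather than per person), added here as an illustration; it is not TecSec's code and not the ANSI X9.69 construction. The credential labels, the `combine` function and the HMAC-based stand-in cipher are assumptions made for the demo.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (unambiguous encoding)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)
    return mac.digest()

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """HMAC in counter mode as a stand-in cipher; real code would use AES-GCM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = prf(key, b"ctr", (i // 32).to_bytes(8, "big"))
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def combine(labels, held: dict, nonce: bytes) -> bytes:
    """Fold every credential named on the object into one wrapping key."""
    key = prf(b"demo-combiner", nonce)
    for label in sorted(labels):
        if label not in held:
            raise PermissionError("missing credential: " + label)
        key = prf(key, label.encode(), held[label])
    return key

def seal(plaintext: bytes, labels, held: dict) -> dict:
    working_key = secrets.token_bytes(32)      # fresh key for this object only
    nonce = secrets.token_bytes(16)
    kek = combine(labels, held, nonce)
    obj = {
        "labels": sorted(labels),              # the access rule travels with the data
        "nonce": nonce,
        "wrapped": keystream_xor(prf(kek, b"wrap"), working_key),
        "body": keystream_xor(prf(working_key, b"enc"), plaintext),
    }
    obj["tag"] = prf(working_key, b"mac", "|".join(obj["labels"]).encode(),
                     nonce, obj["wrapped"], obj["body"])
    return obj

def unseal(obj: dict, held: dict) -> bytes:
    kek = combine(obj["labels"], held, obj["nonce"])
    working_key = keystream_xor(prf(kek, b"wrap"), obj["wrapped"])
    expected = prf(working_key, b"mac", "|".join(obj["labels"]).encode(),
                   obj["nonce"], obj["wrapped"], obj["body"])
    if not hmac.compare_digest(expected, obj["tag"]):
        raise PermissionError("wrong credentials or tampered object")
    return keystream_xor(prf(working_key, b"enc"), obj["body"])

# Constructed credentials: one secret per role label, shared by everyone in the role.
ORG = {name: secrets.token_bytes(32)
       for name in ("Engineering", "Software Development", "Finance")}
developer = {k: ORG[k] for k in ("Engineering", "Software Development")}
accountant = {"Finance": ORG["Finance"]}
SEALED = seal(b"build notes", ["Engineering", "Software Development"], developer)
```

Any holder of both role credentials can call `unseal(SEALED, ...)` without the author knowing who they are, while rewriting the object's `labels` field only yields a different wrapping key and a failed tag check.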

Page 14: General Version 9 21 09

IQware, a Granite Gate shareholder, provides virus immune, rule-based & cross platform technology for application development/integration, and master data management/mining.

[Diagram: Integrated Environment, with rows Architecture, Process and Technology. Labels: Access Control Device (card, biometric, etc.); Workstation (Windows, Mac, Linux); Network, Internet, or Connection; Secure Server (DOD rated B2/C2); Identity of Merit; Authoring (key strokes); Assignment of Privileges by Role & by Author; Requested Data Deciphered Based on Approved Role; Constructive Key Management & Encryption; Encrypted Data; Rule-Based Applications; Open Office*SECURE* & Other Applications on Server; Virus Immune Rule-based processing; Encrypted Info on Secure Server.]

Page 15: General Version 9 21 09

IQware, a Granite Gate shareholder, provides secure server technologies.

Used with permission from IQware

IQware's Key Features for virus immune applications and data management

● Rule-based: Software’s appearance and functionality are 100% controlled by operating rules that can be changed on-the-fly, while the system is running.

● Interoperable: Uses thin client (Xlib) architecture (obeys IEEE & POSIX standards) which ensures compatibility with and adaptability to new and emerging hand-held & desktop technologies.

● Secure: Solves the ENTIRE security problem by monitoring and controlling all access of subjects to objects.

● Disruptive: Forces competitors into uncompetitive and uneconomic tradeoffs.

● Patented: US patent awarded for “Method and System for Providing a Virus-Immune, Rule-Based, Cross-Platform Software System”. Additional patents filed.

©2009 IQware, Inc. All Rights Reserved

Page 16: General Version 9 21 09

IQware, a Granite Gate shareholder, provides secure server technologies.

Used with permission from IQware

New Approach (Patented US #7,322,028)

[Diagram: the application cycle.
User Input: key press, mouse movement, mouse click, other input.
Business Logic: examine user input, examine current program state, examine other conditions, make a decision.
Program Response: perform operation(s), execute routine(s), terminate.
“Idle Time”: wait for next user input, wait for external event.
Annotations: Invention #1: We “cut” the app along this line for interoperability. This part of the app runs on ANY client! Malware stays here. This part of the app runs on a DoD secure server. No malware here. Invention #2: We put this piece on a DoD-rated secure server for virus-immunity.]

• We separate the “user input piece” from the rest of the application so “malware” cannot “infect” the critical business logic and program operation.
• We use a TCB (Trusted Computing Base) that is DoD rated B2/C2 for the secure server.
• We can use any kind of laptop / desktop for the “user input piece” (Windows, Linux, Apple, PDAs, etc.).
• The client piece is very thin and is available as open source freeware (XLIB).
• The secure server handles all program logic, decision making and operation execution.
• All communication to/from client is encrypted.

© 2009 IQware, Inc. All Rights Reserved

Page 17: General Version 9 21 09

IQware, a Granite Gate shareholder, provides secure server technologies.

Used with permission from IQware

Rules act as the application (process control, integration, data mgt./mining – All are rules)

• The code is “planar” - its flowchart has no crossing lines.
• Planar code is simple and easy to verify mathematically.
• Planar code is suitable for DoD “A1” level certification and EAL-7 certification.
• The reference monitor implemented within OVMS handles security at the lowest layer.
• Two main loops – the “event loop” and the “action loop”.
– The event loop gathers events, which include UIF (user interface) and rule events.
– The action loop performs all rule-directed actions.
• Rules are referenced by a unique ID and are executed in the order determined by their configuration.
• Each rule can specify several classes of items:
– Events (E)
– Actions (A)
– Data Source (DS)
– Data Destination (DD)
– Visual Attributes (VA)
– O/S Permissions (OSP)
– Access Modes (AM)
– Audit specifications (AU)
• Items are logically independent.
• Not all items are relevant for each rule.
• Rules are graphically configured by an intuitive editor, IQ-Build.
• Rules may have dependencies on other rules for increased flexibility.

© 2009 IQware, Inc. All Rights Reserved
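A minimal sketch of the two-loop, rule-driven structure described on this slide, added here as an illustration; it is not IQware's code. The `Rule` fields model only four of the listed item classes (E, A, AM, AU), and the rule IDs, event names and actions are constructed for the demo.

```python
from collections import deque
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Rule:
    rule_id: int
    event: str                            # E: the event that triggers the rule
    action: Callable[[dict, str], None]   # A: runs on the server only
    access_modes: frozenset               # AM: modes the subject must hold
    audit: bool = True                    # AU: record the decision

def show_balance(state, arg):
    state["screen"] = f"balance={state['balance']}"

def post_credit(state, arg):
    if arg.isascii() and arg.isdigit():   # client data is validated, never executed
        state["balance"] += int(arg)

# Constructed rule set; list order is the configured execution order.
RULES = [
    Rule(10, "key:F2", show_balance, frozenset({"read"})),
    Rule(20, "key:F5", post_credit, frozenset({"read", "write"})),
    Rule(30, "key:F5", show_balance, frozenset({"read"})),
]

def event_loop(client_events, rules):
    """Gather UIF events and map each one to the IDs of the rules it triggers."""
    pending, audit = deque(), []
    for name, arg in client_events:
        matched = [r.rule_id for r in rules if r.event == name]
        if not matched:
            audit.append(("ignored", name))   # no rule for it, so nothing runs
        pending.extend((rid, arg) for rid in matched)
    return pending, audit

def action_loop(pending, rules, subject_modes, state, audit):
    """Perform rule-directed actions, checking access modes before each one."""
    by_id = {r.rule_id: r for r in rules}
    while pending:
        rid, arg = pending.popleft()
        rule = by_id[rid]
        allowed = rule.access_modes <= subject_modes
        if rule.audit:
            audit.append(("run" if allowed else "denied", rid))
        if allowed:
            rule.action(state, arg)
    return state, audit

def run_session(client_events, subject_modes):
    state = {"balance": 100, "screen": ""}
    pending, audit = event_loop(client_events, RULES)
    return action_loop(pending, RULES, set(subject_modes), state, audit)
```

The client contributes only event names and arguments; an event with no configured rule is logged and dropped, and a rule whose access modes the subject lacks is audited as denied without running its action.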

Page 18: General Version 9 21 09

Granite Gate’s INTEGRATION ties the front-end and back-end to provide the turn-key secure system “ICS”

[Diagram: Integrated Environment, with rows Architecture, Process and Technology. Labels: Access Control Device (card, biometric, etc.); Workstation (Windows, Mac, Linux); Network, Internet, or Connection; Secure Server (DOD rated B2/C2); Identity of Merit; Authoring (key strokes); Assignment of Privileges by Role & by Author; Requested Data Deciphered Based on Approved Role; Constructive Key Management & Encryption; Encrypted Data; Rule-Based Applications; Open Office*SECURE* & Other Applications on Server; Virus Immune Rule-based processing; Encrypted Info on Secure Server.]

Page 19: General Version 9 21 09

TecSec, a partner, and IQware, a shareholder, provide access to patented technologies.

IQware Proprietary Components

• Patented US #7,322,028
• Rule Based App Component
– “cuts the business logic from the workstation and hosts it on the secure server”
– “the application is controlled by rules not hard coded logic”
• Platform independent and interoperable

TecSec Proprietary Components

• 31 US Patents
• Secure access control card
• CKM® TECSEC
• CKM® TECSEC Enabled Smart Card
• Privilege management
• Data encryption

Granite Gate Proprietary Components

• Integration with Open Office: Open Office*SECURE* is the first Application*SECURE* Product
• Integration of IQware and TecSec technologies to form the ICS (1)
• Other rule-based secure applications

(1) Exclusive integration rights

Page 20: General Version 9 21 09

Granite Gate’s services and training capabilities are focused on the Integrated Cyber Secure (ICS) product, TecSec and IQware Technologies.

Computer-based Training

• ICS
• TecSec Technologies
• IQware Technologies
• Security Policy & Practices
• Application*SECURE*
• Role-Based Application

Cyber Security Services

• ICS Implementation
• Audit and Assessment
• Management and Policy
• Technical Implementation
• Program Management
• Role-Based Application Development
• Application Integration

Page 21: General Version 9 21 09

Granite Gate is led by a team of highly qualified professionals.

[Organization chart. Positions shown: Board of Directors; Board of Advisors; Chief Executive; Executive Vice President Engineering & Operations; Vice President Business Development; Directors of Federal Sales, Marketing, PR and Programs, Engineering, Consulting, and Training. Names shown: Edward Merrill (Chief Executive); William Donahue (LtG Ret), Board of Advisors - Chairman; John Keihm (Dir DIA Ret); B. J. Penn* (SECNAV Ret); Tom Verbeck (BG Ret); Bruce Bohn (BG Ret); one position marked Pending.]

* Pending

Page 22: General Version 9 21 09

In Conclusion, Granite Gate is focused on being the leader in secure cyber content products and services. Granite Gate’s offerings are customer focused and represent best of breed component technologies.

• Experience and committed leadership
• Key corporate shareholder and partner bring technologies to Granite Gate
• State of the art technologies: ICS and Application*SECURE*
• Disruptive technologies (makes all others uncompetitive and uneconomical)
• Compelling computer-based cyber security training content
• Products and services supplement network security and operate within the existing infrastructure
• Standards based processes and products (ANSI, NIST, ITIL, FIPS, HIPAA, CISSP) (and CMMI Level 2 pending)
• TS Facility Clearance (pending)

All elements are synergistic within the ICS framework. Together, they create a compelling offer for our customers, partners, and investors.