Black Lantern

Guardtime's Black Lantern™ enables organizations to ensure the integrity of their networks, prevent the loss of critical digital assets and track data securely throughout its supply chain.


Real-time Situational Awareness  

Black Lantern enables customers to tag and track the veracity of every component, configuration, and digital asset within a network to achieve real-time awareness of the asset integrity state, no matter where that asset is transmitted, stored, or received.

The Platform extends the power of the KSI® Industrial Blockchain to real-time cybersecurity and data-centric asset protection, directly supporting enhanced continuity of operations and data loss prevention, and providing a new form of real-time Advanced Persistent Threat (APT) detection.

The Platform consists of specialized security appliance hardware with advanced anti-tamper functionality, a software suite for real-time monitoring of the integrity state of your network, and a service that provides the KSI signatures needed for network instrumentation.



How it works

1. Baseline.
The Platform records the state of all KSI-instrumented digital assets by registering them in a global KSI Blockchain, generating a mathematically verifiable baseline image of the network: a Clean State Proof. Once this state has been achieved, it becomes possible to continuously verify that the network remains in the clean state, and to act when a compromise is detected.

2. Verify.
The Platform enables continuous verification of whether your network is still free of compromise and whether the Clean State Proof is still valid. We call this concept Active Integrity. It provides real-time situational awareness of digital assets such as firmware, operating systems, network routing tables, switch and router configuration parameters, event logs, data stores or computer memory.

3. Remedy.
A changed integrity state raises a real-time alert, enabling you to make immediate decisions when the network or an asset is compromised and to rapidly identify the cause and the specific components responsible. For example, if an asset is affected by malware, the asset can be ‘sandboxed’ or firewalled before the malware propagates further.




Defends Itself Against Remote Attacks

  • Active Monitoring of executable code during run-time
  • Denial of Service attack resistance via OSI policing
  • Authenticated and encrypted communications channels

The Security Appliance's software is encrypted at rest using ETSI approved encryption algorithms. The hardware is incapable of executing unsigned code; it will not boot if the software and hardware runtime environment is not authentic.

Defends Itself Against Physical Attacks

  • All operating software is signed and encrypted at rest
  • Hardware is resistant to cryptanalytic attacks 
  • Escalated tampering results in heightened security reactions to preserve the resilience of Black Lantern and connected assets

The Black Lantern Appliance uses advanced ASICs with customized tamper protection features and escalation reaction monitors for added security against a variety of physical attack vectors.

Actively Reports to NOC / SOC

  • Reports any attempt of tampering to SOC
  • Real-time alert on suspected Black Lantern peer-tampering
  • Provides critical operational metrics to NOC

Key Benefits

The Black Lantern Security Appliance is self-protecting. Tamper events are immediately evident, and the device engages protection mechanisms to wipe keys and software, rendering the system inoperable or placing it into one of various maintenance modes.

It is not possible to use Black Lantern to stage an attack, either against the device itself, or against other assets in your network.

Key Features 

  • High Availability & Redundancy
  • Active Self-Defense Mechanisms
  • Security Reaction Monitors
  • Real-Time SOC Escalation
  • Content-Aware Network Stack
  • Secure Signed Updates
  • Network Ingress Protection
  • Continuous Monitoring
  • Guaranteed QoS & SLAs

KSI Service
Access to the KSI® Industrial Blockchain

The KSI Service provides access to the KSI Industrial Blockchain allowing organizations to instrument their networks with KSI Signatures and consequently detect changes in the integrity state of monitored digital assets in real-time. KSI Service ingests a hash value representing your data and returns a KSI Signature that can be used to independently assert the existence of data integrity, signing time, and signing entity of that data.

KSI Service Access

The KSI Service is rendered using fault-tolerant globally distributed physical infrastructure and accessed via the Black Lantern Security Appliance. 

The Black Lantern Appliance also performs the data hashing operations, as well as the first level of hash aggregation, to preserve not only the privacy of the data contents but also the privacy of the data volume: only one hash value per second ever leaves your perimeter and enters the KSI Service infrastructure.

KSI Service Providers

The KSI Service is available globally in more than 180 countries.

Guardtime offers KSI Service globally for selected governments and organizations.
  
Ericsson offers KSI Service globally, based on its telecom-grade KSI infrastructure buildup.

Key Properties

Data Privacy.
The KSI Service does not ingest any customer data, ever – instead the system is based on one-way cryptographic hash values that uniquely represent the data, but are irreversible such that one cannot start with the hash value and reconstruct the data - data privacy is unconditionally guaranteed at all times.

Scale.
The current build-out of the KSI Service can sign and verify a trillion (10^12) data items every second.

Global Availability. 
The KSI Service is designed to be available globally and the hash aggregation points are physically located in every continent to ensure consistent response times.

Security. 
The KSI Service is rendered using a stateless software-defined network: the hash-tree structure that makes up the network is created, validated and destroyed once per second, and no data is stored during the process apart from the root hash value of the hash-tree structure, which is added to the KSI Blockchain after distributed consensus is achieved.
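
The first-level aggregation described under KSI Service Access and the per-second hash tree described above can be illustrated with a generic Merkle tree. This is an added example, not Guardtime's code or the KSI signature format: SHA-256, the leaf/node prefixes, the asset names and their contents are all assumptions made for the illustration.

```python
import hashlib

def leaf(data: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + data).digest()   # assumed leaf encoding

def node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()  # assumed node encoding

def aggregate(leaves):
    """Fold leaf hashes into one root; return (root, sibling path per leaf)."""
    if not leaves:
        raise ValueError("nothing to aggregate")
    proofs = [[] for _ in leaves]
    level = [(lf, [i]) for i, lf in enumerate(leaves)]  # (hash, leaves covered)
    while len(level) > 1:
        nxt = []
        for j in range(0, len(level), 2):
            if j + 1 == len(level):          # odd node is promoted unchanged
                nxt.append(level[j])
                continue
            (lh, li), (rh, ri) = level[j], level[j + 1]
            for i in li:
                proofs[i].append(("R", rh))  # sibling sits on the right
            for i in ri:
                proofs[i].append(("L", lh))  # sibling sits on the left
            nxt.append((node(lh, rh), li + ri))
        level = nxt
    return level[0][0], proofs

def verify(data: bytes, proof, root: bytes) -> bool:
    """Recompute the path from the asset's current bytes up to the root."""
    cur = leaf(data)
    for side, sibling in proof:
        cur = node(cur, sibling) if side == "R" else node(sibling, cur)
    return cur == root

def changed_assets(current, proofs, root):
    """Names of assets whose current content no longer matches the baseline."""
    return [n for n, d in current.items() if not verify(d, proofs[n], root)]

# Constructed sample assets (placeholders, not real device data).
ASSETS = {
    "router-config": b"hostname edge1\nsnmp community s3cret\n",
    "firmware":      b"\x7fELF constructed firmware image",
    "routing-table": b"10.0.0.0/8 via 192.0.2.1\n",
}
# Baseline: only ROOT (32 bytes) would leave the perimeter.
ROOT, _paths = aggregate([leaf(d) for d in ASSETS.values()])
PROOFS = dict(zip(ASSETS, _paths))
```

Each asset keeps its own sibling path, so it can be re-verified on its own against the single published root without revealing the other assets or how many there are.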