EOGuard
A security and trust service providing a full end to end chain of custody for Earth observation data.
The increase in Earth Observation (EO) data volumes, along with its variety and velocity, requires disruptive changes in the ways data is stored and how users interact with EO products. EOGuard guarantees data integrity and immutability while mitigating risks of accidental data corruption, processing errors and other vulnerabilities like security violation, data tampering or malicious interference in the databases.
Guardtime and European Space Agency (ESA) have joined forces to integrate EOGuard into ESA’s EO data archiving, distribution and quality control processes.
EOGuard approach to protecting satellite mission data:
Data immutability
changes to data are detected.Data provenance
origination, a proven sequence and the time of events is guaranteed.Data composition
provenance and immutability when aggregating or combining different data objects into a single object is maintained.
EOGuard is deployed in Space Data Long Term Preservation Archive
Enabling technology
The backbone of EOGuard is Guardtime’s KSI® Blockchain that provides the integrity and time of any piece of digital data. It enables automated verification of unlimited number of secured digital assets and relies on one-way cryptographic hash functions. The cryptography behind the KSI® Blockchain signatures ensures that they are fully scalable, they never expire and remain quantum-immune while data privacy is guaranteed.
Data in EOGuard is transported in XML containers called dockets. Each docket includes elements for metadata, properties, optionally related dockets, and the KSI signature.
Unique benefits of EOGuard
SCALABILITY
EOGuard is utilizing KSI Blockchain as the trust anchor and it scales practically indefinitely. The architecture design allows handling millions of requests per second and the core technology has already been proven in production for mission-critical systems in telecom and finance industries. Providing the solution through operating with data hashes instead of vast volumes of EO data products itself enables minimal impact to existing processes and data archives.
EOGuard is utilizing KSI Blockchain as the trust anchor and it scales practically indefinitely. The architecture design allows handling millions of requests per second and the core technology has already been proven in production for mission-critical systems in telecom and finance industries. Providing the solution through operating with data hashes instead of vast volumes of EO data products itself enables minimal impact to existing processes and data archives.
AUDITIBILITY
By using eIDAS compliant KSI blockchain as a signature service EOGuard ensures that audit trails can be presented as evidence with independent proof of the time. It also guarantees integrity of events, proves their correct order and ensures that no event has been deleted. This applies to both: utilization on the service operator's side and providing proof to 3rd parties.
By using eIDAS compliant KSI blockchain as a signature service EOGuard ensures that audit trails can be presented as evidence with independent proof of the time. It also guarantees integrity of events, proves their correct order and ensures that no event has been deleted. This applies to both: utilization on the service operator's side and providing proof to 3rd parties.
LONG-TERM VALIDITY
The signatures that EOGuard provides to customers products don't require periodic re-timestamping due to expiring keys. The time and integrity of the signature can be proven mathematically without reliance on trusted third-parties or the continued secrecy of any keys.
The signatures that EOGuard provides to customers products don't require periodic re-timestamping due to expiring keys. The time and integrity of the signature can be proven mathematically without reliance on trusted third-parties or the continued secrecy of any keys.