Awareness and Training, Data Security

The WITDOM Key Management component provides management of secrets (for example, private and public encryption keys or credentials to access the storage) that are required for operations run by protection components. Since secrets are required in trusted and untrusted domains, there are two instances of the KM component in the WITDOM architecture with similar functionalities.

WITDOM’s Secure Signal Processing (SSP) component performs secure signal processing operations on protected data and signals (encrypted, obfuscated, split or a combination thereof) in an untrusted environment, by preventing the disclosure of the sensitive information while it is being processed in the untrusted domain.

WITDOM’s data masking component is responsible for masking sensitive data classified as direct identifiers. The masking process creates service-and-user-specific tokens that can be updated over time, satisfying two main security requirements: irreversibility and unlinkability.

This tool provides the means for processing data in different ways, supporting different purposes with different privacy requirements. It includes several components providing the capabilities to encrypt data while preserving the format or ordering of the data. This tool enables users of legacy applications to move their databases to a public cloud, while preserving data privacy and confidentiality. Moreover, the tool provides components for data generalization as means for anonymizing bulk data using k-anonymity techniques.