December 31, 2013
Advanced Data Security
Note: c-treeACE became FairCom DB in November 2020.
FairCom conducts ongoing security reviews, resulting in numerous elevated security controls required to safeguard your mission-critical data.
Several new features and changes were introduced in c‑treeACE V10 that will be of particular interest to existing c‑treeACE applications. These relate to authentication, authorizations for access control and encryption for data protection.
Some of the most important V10 changes and additions include the following:
Increased Password Protections
Strong passwords are the first line of defense against unauthorized access to data. c‑treeACE has increased password lengths to 63 bytes (the prior limit was 9 bytes). Passwords are “salted” and securely stored as SHA-512 hash values. Secured password exchange between client and server has also been improved.
Note: The new client/server authentication exchange breaks prior client/server compatibility with existing clients and servers. Only V10 clients matching the new V10 server format can connect to c‑treeACE V10. New error codes can be experienced when a mismatch between client and server occurs with these new secure logon changes:
If a client without secure password transmission calls a function that sends a password and the server requires the new secure logon, the call fails with error PWDC_ERR (961).
If a client with secure password transmission calls a function that sends a password and the server does not support secure password transmission, the call fails with error PWDS_ERR (962).
Guest Logon Disabled
A GUEST account is used when no user name is presented to c‑treeACE at connection time. Guest logons are now disabled by default, which may impact many existing applications that don’t explicitly supply a user name when connecting to a c‑treeACE server. Add GUEST_LOGON YES to your ctsrvr.cfg configuration file should you wish to continue using the guest account.
Change Your Master Encryption Password
c‑treeACE supports advanced encryption of data, including AES encryption. The advanced encryption feature uses a master password to encrypt the file-specific advanced encryption key in data, index, and transaction log files that use advanced encryption. Data encryption is an important component for any solid security plan. Encrypting data at rest ensures that external applications, stolen hard drives, and snooping eyes don’t find important information to steal. Who knows, you may find the meaning of life stored there.
Master key rotation is essential to maintain that data security over the long term. A new feature allows changing the master password used to encrypt the file-specific encryption keys in specified files. A new ctencrypt utility is provided for changing the master key. There is also an option within the ctadmn utility to perform a master key change.
Key Stores for Secured Failover
c‑treeACE advanced encryption (AES, Blowfish, Twofish, 3DES) requires a master password to enable protection of encrypted file access. By default, this master key must be presented to c‑treeACE on startup as prompted. However, this prompted interaction is not always possible. Consider the case of a failover strategy for business continuity, or the case where no single person should ever know the complete key as keys are built from random secure key generators.
c‑treeACE now supports a key store to obtain this key value at startup. The ctcpvf utility has been updated with command-line options to write the master key to an encrypted file store.
The c‑treeACE configuration option MASTER_KEY_FILE specifies a file from which c‑treeACE reads the master encryption key. The Windows master key approach uses the DPAPI to encrypt the data using the user credentials, and only that user can then decrypt the file. On Linux and Unix systems, the master key is stored AES encrypted in a file on disk, with permissions set such that only the user that created the file can read it (permissions mask of 400). For complete security, it is important to use hardened safeguards to fully protect this key store file. It is recommended this file is securely backed up and protected off-site.
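The following is an added example, not FairCom code: a small audit that reads a server configuration and flags the two settings described above, a re-enabled guest logon and a Linux/Unix key store file that is not restricted to mode 400. It assumes ctsrvr.cfg holds one "KEYWORD value" pair per line with ";" starting a comment, that MASTER_KEY_FILE holds a path, and that the check runs as the account that created the key store; the file name master.key and the sample contents are constructed.

```python
import os
import stat
import tempfile

def parse_cfg(text):
    """Assumed format: one 'KEYWORD value' pair per line, ';' starts a comment."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if line:
            parts = line.split(None, 1)
            settings[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return settings

def audit(cfg_text, base_dir="."):
    """Return a list of findings for GUEST_LOGON and MASTER_KEY_FILE."""
    cfg, findings = parse_cfg(cfg_text), []
    if cfg.get("GUEST_LOGON", "NO").upper() == "YES":
        findings.append("GUEST_LOGON YES: logons without a user name are accepted")
    key_file = cfg.get("MASTER_KEY_FILE")
    if not key_file:
        return findings  # no key store configured: the key is prompted at startup
    path = os.path.join(base_dir, key_file)
    try:
        st = os.lstat(path)  # lstat: do not follow a symlink placed at this path
    except FileNotFoundError:
        return findings + [f"{path}: key store file is missing"]
    if not stat.S_ISREG(st.st_mode):
        findings.append(f"{path}: not a regular file")
    mode = stat.S_IMODE(st.st_mode)
    if mode != 0o400:
        findings.append(f"{path}: mode {mode:04o}, expected 0400")
    if st.st_uid != os.geteuid():
        findings.append(f"{path}: not owned by the account running this check")
    return findings

def run_sample(key_mode, guest_logon):
    """Build a constructed config and key store in a temp dir, then audit them."""
    with tempfile.TemporaryDirectory() as d:
        key_path = os.path.join(d, "master.key")  # hypothetical file name
        with open(key_path, "wb") as f:
            f.write(b"constructed placeholder, not a real key store")
        os.chmod(key_path, key_mode)
        cfg = f"; constructed sample\nGUEST_LOGON {guest_logon}\nMASTER_KEY_FILE master.key\n"
        return audit(cfg, base_dir=d)

if __name__ == "__main__":
    for finding in run_sample(0o644, "YES"):
        print("FINDING:", finding)
```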
Security Landscape
c‑treeACE V10 brings a highly secure data access solution for your application needs. However, the security landscape and regulatory environment constantly progress. HIPAA compliance continues to challenge healthcare software applications, and PCI-DSS and Dodd-Frank regulations remain absolutes in the financial sector. We anticipate additional c‑treeACE security features to help meet and exceed these challenges in upcoming releases. As always, should you have particular application requirements, don’t hesitate to contact your nearest FairCom office. We’re happy to discuss your needs and find a solution that enhances your application success.