Need2Know® (N2K) is an Information-Centric Security (InfoCenSec) solution that enforces access policy to data objects through strong cryptography.
N2K is InfoAssure's answer to the evolving requirement for secure information sharing critical for improving our nation's homeland security and secure information sharing. The N2K design is modular and provides for strong configurable identification, authentication, authorization and full active auditing of both the PC client and server administrative functions.
Need2Know protects information (data objects) based on content and user access policy at the point of origin/creation. N2K uses patented cryptographic techniques to create and bind N2K labels (asymmetric key pairs) to the information object and subsequently allows sharing of the protected information by securely distributing N2K labels to enrolled end-users (or devices) based on the individual user's role/duty and authorizations. The information encryption is persistent and protects the information object as it is stored (data at rest) and transits networks/devices (data in transit/mobile data).
One very powerful and unique difference from traditional encryption products with the N2K "cryptographic defense in depth" approach is that each and every data object is wrapped with unique keys so that if by a very remote chance one data object is compromised all of the rest of the data objects in the enterprise are still safe.Product Data Sheet
- Information Sharing Vision: N2K enables the new mindset need-to-share data while addressing the need-to-protect and control access to it through a persistent "cryptographic defense in depth" process.
- Mission-centric: N2K adapts to dynamic operational environments as well as adding/removing COI partners (i.e., the ability to dynamically create, manage, and dissolve Communities of Interest (COIs) and manage/revoke access authorization of users/data).
- Information-centric: N2K applies cryptographic persistent access control into the data object resulting in self-protected data independent of the IT infrastructure. Any data object can be protected by N2K including files, video streams, XML chat streams, and Voice over IP sessions.
- Role/Attribute-based access control: Access is based on duty/role and attributes beyond security classification (e.g., environment, duty, role/mission focus, affiliation,)
- Data Stewardship: N2K puts the capability to share and control discoverability and access to data and resources into the hands of the data owner/producer and joint commanders
- System Oriented Architecture (SOA): For scalable, efficient and secure distribution of access authorizations (N2K labels) to end users and devices
- Mobile and Forward-Deployed Platform Support: N2K information access controls can be used on forward deployed and mobile/wireless platforms as well as connected office environments
- Data Leak Prevention: N2K's persistent encryption of information objects at rest and in transit protects against data leakage and unauthorized user access.