  • ERUCES’ unique Tricryption Key Management process receives US patent #7,362,868.
File Level Encryption Architecture Options

Architecture Overview:

Tricryption Key Management software installs on a Key Server with an attached relational database (the key database). File encryption client software may reside on multiple compute platforms, including workstations, laptops, thin clients, servers, and select mainframes (through a Java interface). In networked operation, the key server maintains the keys and distributes key copies over secure TCP/IP TLS network connections to each of the client encryption software nodes hosted on these platforms. Encryption clients use the key copies to encrypt and decrypt files, then destroy those key copies on session completion. The original keys are always maintained securely at the key server and may be backed up for availability by any user without compromise risk. Centralized logs are maintained at the key server/database and are available to security and IT management, either for reports or for interfacing to network security monitoring capabilities.
Primary use characteristics and advantages of Tricryption file level encryption are:

Transparent & Customary: Transparency and customary usage are essential for acceptance of use within an enterprise. The benefits of transparent and accustomed use must apply to all those involved in the enterprise: users, IT administrators, and security administrators. Tricryption meets these requirements for:

Users:
  • Desktop actions and commands: no procedural impact, no additional training.
  • Encryption mechanics: actions accomplished automatically and coherently.
  • Assured information sharing: support for group distribution (no bundling).
IT Administrators:
  • Installation: direct and script based methods.
  • Enterprise Integration: supports current industry standard IT capabilities.
  • Network Backup: checkpoint & network file share inadvertent capture avoided.
  • Insider Threat: accomplish IT tasks without the need to see contents.
Security Administrators:
  • Logging data: logs are centrally maintained and available for report & review.
  • Policy enforcement: mandatory or discretionary with intuitive control structures.
  • Security review: anonymous content review for specific and authorized users.

Networked & Autonomous (Disconnected) Operation: Tricryption file level encryption clients typically operate with a network connected Key Server. With authorization, the client may activate its own internal Key Server (Remote Engine) and temporarily operate independently of the network. On the next network reattachment, key management and logging functions are resynchronized and network client-server operations are resumed.

Architecture Efficiencies: With file encryption clients distributed among the enterprise architecture, the overall processing cost of encryption is decentralized across all of the nodes. Key servers can be scaled and allocated to various client encryption groups (Communities of Interest/CoI) as encryption operational loading dictates.



 

Security Components & Infrastructure Integration

Crypto Modules

Encryption Algorithms:
  • AES 256 (NSA Suite B)
  • AES 192
  • AES 128
  • 3DES
  • Proprietary (Client)
  • Concurrent Use Capable

Crypto Modules:
  • Open SSL 0.99L
  • Safenet Luna HSM
  • nCipher nShield

Authentication & Authorization

Authentication:
  • Active Directory
  • LDAP
  • NIS (*nix)
  • Token
  • PKI
  • Native (SRP Protocol)
  • SAML (Development)

Authorization:
  • DAC
  • RBAC
  • LBAC (Development)
  • SAML (Development)

 
